Awesome haha. Almost exact same setup here, incl. OpnSense with an isolation vlan in which (Brother) printer and TV are.
Comment on LG Update Installs Unremovable Microsoft Copilot on Smart TVs, Ignites Backlash
ad_on_is@lemmy.dbzer0.com 1 month ago
I reworked my entire home network. Going from an Asus router to an opnsense firewall, just to put the HP printer and the LG TV on a VLAN with absolutely no internet access.
These two poor guys ping each other every day, in the hopes one of them gets a connection.
smiletolerantly@awful.systems 1 month ago
LaOroBob@suppo.fi 3 weeks ago
Sorry for that noob question: I do not grasp the idea of VLAN fully: will I still be able to connect to devices in the locked down VLAN (the TV, the printer) from the devices in the “normal”, open Wifi (like my phone streaming to said TV)?
Right now I have a gl-iNet router (brume 2) that uses adguard to block advertising sites (and also home phoning destinations of popular brands), but not sure if that does the trick already.
ad_on_is@lemmy.dbzer0.com 2 weeks ago
Whether you can access these devices or not depends on your firewall rules.
The usual (very simplified) setup is as follows:
VLANs:
Firewall rules:
VLAN_Trusted: Can access everything, WAN (internet) as well as devices on VLAN_Untrusted and VLAN_IoT. Usually, your PC or smartphone is here.
VLAN_IoT: Can only access WAN (internet). Usually connected devices, like smart appliances that you control via their dedicated apps, like Philips HUE lamps, etc.
VLAN_Untrusted: Cannot access anything. Usually devices that you don’t want to allow to access anything, usually TVs or printers, to prevent automatic firmware updates.
I hope this helps
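As an added illustration (not part of the comment above, and not OPNsense configuration), this Python model applies the three-zone policy with connection tracking, showing why a phone on VLAN_Trusted can still reach the TV while the TV cannot start any connection of its own. The host names and the `Firewall` class are constructed for the example, and it assumes a stateful, default-deny firewall routing between the VLANs.

```python
# Added example: a stateful zone-policy model (constructed; not OPNsense config).
# Which zone may INITIATE connections to which, per the rules listed above.
POLICY = {
    "VLAN_Trusted": {"WAN", "VLAN_IoT", "VLAN_Untrusted"},
    "VLAN_IoT": {"WAN"},
    "VLAN_Untrusted": set(),
}
# Constructed sample hosts and the zone each one sits in.
HOSTS = {
    "phone": "VLAN_Trusted", "hue-bridge": "VLAN_IoT",
    "tv": "VLAN_Untrusted", "printer": "VLAN_Untrusted",
    "update-server": "WAN",
}

class Firewall:
    """Default-deny router between zones that remembers flows it allowed."""
    def __init__(self, policy=POLICY, hosts=HOSTS):
        self.policy, self.hosts = policy, hosts
        self.states = set()  # (initiator, responder) pairs already allowed

    def initiate(self, src, dst):
        """Verdict for the first packet of a new connection src -> dst."""
        src_zone, dst_zone = self.hosts[src], self.hosts[dst]
        if src_zone == dst_zone:
            return "switched"  # same VLAN: layer 2 only, firewall never sees it
        if dst_zone in self.policy.get(src_zone, set()):
            self.states.add((src, dst))
            return "pass"
        return "block"  # includes anything arriving unsolicited from WAN

    def reply(self, src, dst):
        """Verdict for return traffic: allowed only for a tracked flow."""
        return "pass" if (dst, src) in self.states else "block"

def demo():
    fw = Firewall()
    return {
        "tv reply, no flow yet": fw.reply("tv", "phone"),
        "phone -> tv": fw.initiate("phone", "tv"),
        "tv reply to phone": fw.reply("tv", "phone"),
        "tv -> phone": fw.initiate("tv", "phone"),
        "tv -> update-server": fw.initiate("tv", "update-server"),
        "tv -> printer": fw.initiate("tv", "printer"),
        "hue-bridge -> update-server": fw.initiate("hue-bridge", "update-server"),
        "update-server -> phone": fw.initiate("update-server", "phone"),
    }

if __name__ == "__main__":
    for flow, verdict in demo().items():
        print(f"{flow:30} {verdict}")
```

Discovery-based casting relies on multicast (mDNS/SSDP), which does not cross VLANs without a reflector, so reaching the TV by IP address can work where automatic discovery does not.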
LaOroBob@suppo.fi 2 weeks ago
Thanks a lot! That is very helpful. I was lost in reading up on the details of configuration without an understanding of a general concept.