Computers & Electronics

Recommend me a router that does VLANs

  • Last Updated:
  • Feb 25th, 2021 8:47 pm
[OP]
Deal Expert
User avatar
Nov 15, 2004
19469 posts
3519 upvotes
Toronto

Recommend me a router that does VLANs

I've got my work computer on my home network and it's really bothering me that I can see the other devices on my network when I'm logged in and working. I want to isolate my work computer on its own VLAN that can't see anything but the internet, and maybe do the same for my IOT devices. My current router only has guest wifi functionality and nothing for the ethernet ports, which is what I need to separate. People in the know, please recommend me a good router that allows me to run VLANs on the ethernet connections. I haven't kept up with the industry and don't know what's available. Wifi isn't necessary as I can just use my current router as an access point. Thanks in advance.
39 replies
Jr. Member
Apr 19, 2014
125 posts
130 upvotes
Markham, ON
I use TP Link EAP 245 with OMADA software controller on an Ubuntu container that allows vlans.
Deal Addict
User avatar
Feb 12, 2008
4221 posts
213 upvotes
Toronto
There are small PC's with multiple ports (qotom for instance) which can run pfsense and do what want. What is your budget?
Nothing to see here...keep looking.
[OP]
Deal Expert
User avatar
Nov 15, 2004
19469 posts
3519 upvotes
Toronto
Zero1 wrote: There are small PC's with multiple ports (qotom for instance) which can run pfsense and do what want. What is your budget?
I'd like to keep it under $200 if possible.
Deal Guru
User avatar
Feb 10, 2007
12229 posts
3384 upvotes
just put your computer behind another router, then plug that router into the lan of the main router

vlans at home is stupid for most cases
[self promotion rule violation, removed twice already][self promotion rule violation, removed twice already]Trolling or Threadcrapping Trolling - woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop
Deal Addict
User avatar
Feb 12, 2008
4221 posts
213 upvotes
Toronto
Piro21 wrote: I'd like to keep it under $200 if possible.
Ubiquity edge routers are your best bet IMO. Affordable price and can do vlans.
Nothing to see here...keep looking.
Deal Addict
User avatar
Nov 1, 2017
1139 posts
535 upvotes
Asus routers thru Merlin can support vlans.

However the Gui isn't perfect, and RMerlin doesn't have plans to fix it. You'll need to write a script to configure the router.

I have pfsense manage my vlans rules, and then use a script on my Asus routers to setup the vlan specific WiFi and ports.

I have my WAN setup as a trunk port, but the table in Merlin show shows vlan1.

Tomato fw can enable VLAN on almost every consumer router, but I find the wireless performance isn't great, and the Gui doesn't actually do everything it says it does.

Writing a script despite having zero knowledge was easier than figuring out how to do it with Tomato (for me)
Images
  • Screenshot_20210223-113008_Brave.jpg
[OP]
Deal Expert
User avatar
Nov 15, 2004
19469 posts
3519 upvotes
Toronto
sexyj wrote: just put your computer behind another router, then plug that router into the lan of the main router

vlans at home is stupid for most cases
Hadn't thought of this, but it makes sense. I can just buy a cheap one and put it between my current router and the modem with the work computer plugged in.
Member
May 29, 2004
442 posts
97 upvotes
you can look at pfsense appliance (https://www.pfsense.org/products/) or build one. drawback, you will need to get managed switch if you have several devices. also, asus router in ap mode is not good as i found out. i have to get unifi in the end -_-
Deal Addict
Sep 16, 2013
1779 posts
931 upvotes
SW ON
sexyj wrote: just put your computer behind another router, then plug that router into the lan of the main router

vlans at home is stupid for most cases
In my books double-NATting is more stupid.
Deal Guru
User avatar
Feb 10, 2007
12229 posts
3384 upvotes
yes, because you actually need VLAN in a home environment, sigh...

cmon man... anyone that's running a VLAN at home is just for brags

there's not enough legitimate reason to waste time on setting up VLANS at home. NONE, ZERO, NILL.
alpovs wrote: In my books double-NATting is more stupid.
[self promotion rule violation, removed twice already][self promotion rule violation, removed twice already]Trolling or Threadcrapping Trolling - woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop
Deal Addict
Sep 16, 2013
1779 posts
931 upvotes
SW ON
sexyj wrote: yes, because you actually need VLAN in a home environment, sigh...

cmon man... anyone that's running a VLAN at home is just for brags

there's not enough legitimate reason to waste time on setting up VLANS at home. NONE, ZERO, NILL.
Are you for real? It doesn't take much longer than waisting time on these forums. You probably live alone with no other users of your network, don't have security cameras going outside or IoT devices. In this situation there is no reason for VLANs. But people differ.
Deal Guru
User avatar
Feb 10, 2007
12229 posts
3384 upvotes
You just proved my point. You listed reasons, not legitimate reasons to waste time on.

All of your reasons can be put on a "dreaded double-NATting" as you would call it and it will perform fine.

Cmon man, you aren't running an enterprise at home as much as you want to pretend to be.

"YEAH! I put my security cameras on my VLAN!!!! WOOOOO I'm so secure now" :facepalm:

Based on your comments, I bet you are one of those people that put their modem on bridge mode because it's so much better.
alpovs wrote: Are you for real? It doesn't take much longer than waisting time on these forums. You probably live alone with no other users of your network, don't have security cameras going outside or IoT devices. In this situation there is no reason for VLANs. But people differ.
[self promotion rule violation, removed twice already][self promotion rule violation, removed twice already]Trolling or Threadcrapping Trolling - woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop
Deal Addict
User avatar
Nov 1, 2017
1139 posts
535 upvotes
sexyj wrote: You just proved my point. You listed reasons, not legitimate reasons to waste time on.

All of your reasons can be put on a "dreaded double-NATting" as you would call it and it will perform fine.

Cmon man, you aren't running an enterprise at home as much as you want to pretend to be.

"YEAH! I put my security cameras on my VLAN!!!! WOOOOO I'm so secure now" :facepalm:

Based on your comments, I bet you are one of those people that put their modem on bridge mode because it's so much better.
I'm in this comment and I don't like it....
Deal Addict
Sep 16, 2013
1779 posts
931 upvotes
SW ON
sexyj wrote: You just proved my point. You listed reasons, not legitimate reasons to waste time on.

All of your reasons can be put on a "dreaded double-NATting" as you would call it and it will perform fine.

Cmon man, you aren't running an enterprise at home as much as you want to pretend to be.

"YEAH! I put my security cameras on my VLAN!!!! WOOOOO I'm so secure now" :facepalm:

Based on your comments, I bet you are one of those people that put their modem on bridge mode because it's so much better.
LOL! Just LOL! You must be a lawyer. Legitimate... :)
Sr. Member
Jun 13, 2009
781 posts
494 upvotes
Toronto
Any router where you can run openwrt, or dd-wrt firmware.
Deal Addict
User avatar
Oct 19, 2007
1315 posts
298 upvotes
45.467253°N, 75.5123…
sexyj wrote: yes, because you actually need VLAN in a home environment, sigh...

cmon man... anyone that's running a VLAN at home is just for brags

there's not enough legitimate reason to waste time on setting up VLANS at home. NONE, ZERO, NILL.
LOL
Deal Guru
User avatar
Feb 10, 2007
12229 posts
3384 upvotes
wally_walrus wrote: LOL
LOL
[self promotion rule violation, removed twice already][self promotion rule violation, removed twice already]Trolling or Threadcrapping Trolling - woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop woooooooo 3k on a laptop
Member
Dec 6, 2020
289 posts
263 upvotes
Piro21 wrote: People in the know, please recommend me a good router that allows me to run VLANs on the ethernet connections.
Unfortunately the slap fight that broke out in this thread almost completely overshadowed the point of answering your question.

What you want to accomplish -- namely, isolation of your work laptop and IoT devices to an Internet-only network -- is more complicated than just using a router that has some VLAN functionality.

Both pfSense (and its derivatives) and any of the advanced router firmware packages (OpenWRT etc) can do VLAN tagging and VLAN-based firewalling. However, in order to isolate wired client devices from each other you need a router with switch hardware that can do port-based VLAN assignment. This is a much taller order. Further, if you want to isolate WiFi devices from each other then you need a WiFi AP that supports either client isolation or some form of guest network.

To isolate wired devices, you need either a VLAN-aware multi-port router, like the Edgerouter 12, or a VLAN-aware managed switch coupled with a VLAN-aware router/firewall.

To isolate WiFi devices, you will also need a higher-end WiFI AP, such as the EAP 245, and a VLAN-aware router/firewall. You can use a suitable AP with the Edgerouter 12; you don't need a separate router/firewall as well.
Deal Addict
Mar 16, 2010
1955 posts
455 upvotes
m4r 1k8
any new router that has guest network capability also offers the functionality without having to go too indepth with networking ... just join your work pc / work items through the guest network. alternitively, asus rog gt router also offers the ability to spawn up other networks which are segmented.

Top