My Broadband provider Virgin Media, provided a HomeHub 4, which although it looks good on paper really isn’t that special. The Wifi is dire, and the Time access controls do not work. Generally the Modem is a complete joke. Taking into account that I could barely get wifi in my bedroom which is on the opposite side of the house a solution needed to be found. Currently there is no real reason to need to manage login and logout times, but in the future there will be.
So I had a look and came up with this solution, obviously different usecases require different solutions but this one works for me.
My Solution was to use the following
- Ubiquiti Security Gateway
- Ubiquiti Cloud Key
- Ubiquiti Edgerouter-x
- Ubiquiti Access Point
- Ubiquiti Camera Pro
- Dlink DGS-1210-28P/C1
The network is divided into three VLans.
VLAN 1: IoT devices, including Amazon Echo, Echo show, FireTV, Smart Bulbs, Ring Doorbell, Ecowitt Weatherstation and accessories, Samsung Printer, and IOT Server.
VLAN 2: Network for Our PC’s and Phones.
VLAN 3: Guest Network, assigned for visitors and most specifically Apple products we do not want or need on the main network.
The Ubiquiti gear and the DLink are set up to manage Vlan 1 and 2, the Virgin Media HomeHub 4 manages Vlan 3. As all Vlan 3 does is protect the rest of the network which is isolated by the Ubiquiti Security Gateway.
Vlan 1 has a single purpose. That is to Isolate IOT devices from our PC’s and Phones. Giving us a lot more secuirity. All devices on this Vlan connect directly via the Ubiquiti Access point on the first floor, which is powered by the DLink, which currently also manages the Ubiquiti camera that monitors the front door. All FireTV’s also connect here. A Single Server resides on this network, it is a Micro factor Microfine M6 that is responsible for doing one job, managing the Weather station and it’s associated devices, and managing the attatched remote website.
VLan 2 is a completely Isolated Vlan that has a lot of security to protect our PC’s and Phones from hopefully just about every form of attack possible (Well save attacking the network physically)
Over all I am happy with the network, Eventually I will need to replace the UAP with one that isn’t soley 2.5Ghz. However the weather station runs on that frequency so it may well be a number of years away yet.
Hi I am Marcus, MM0ZIF, a licenced Radio Amateur, Doctor of Musicology, amateur weather enthusiast. I over the years have been a Amateur Radio Tutor, Examiner, and a Regional Manager for the Radio Society of Great Britain.
This site is dedicated more towards Amateur Radio and Weather, with an angle on Technology too. I also maintain https://havenswell.com/ which is my other blog which is more aimed at cooking, hobbies and life in general as well as businness and networking.