Hello, First thank you for this forum, i didn't find the presentation topic. Sorry.
I bought a Keenetic Router in order to separate my Desktop and laptop from IOT and domotic home automation objects. First, i looked the product range from OMADA TP LINK... but it seems to me a little bit too complicated and expensive just to separate computers at home...
I found KEENETIC, with its segmentation possibilities, and i decided to buy a little product, to see, to test... And now, my configuration, before and after :
My French Internet Provider provide us an ADSL Modem Router who doesn't have the ability to work in Bridge mode... And i didn't want to open a DMZ or make double NAT, and other things like that... so, my configuration was like this : all devices were connected to the router, router in 192.168.1.1 and all devices on the router or switch connected to it... everything in 192.168.1.xxx. With this configuration, i was afraid that my IOT devices can be a door to see and modify things in desktop or laptop...
Now, with KEENETIC Router, i have 2 Routers, the router from my internet provider and the Keenetic Carrier router :
My Provider ADSL Router 192.168.1.1 with DHCP mode activated, gives the address 192.168.1.37 to my Keenetic Router (A LAN Port of provider router connected to WAN port of Keenetic)
I created Segments in the Keenetic, Home segment 192.168.2.xxx and IOT segment 192.168.3.xxx. (See attached image)
IOT and domotics devices are connected to segment 192.168.3.xxx and my domotic server Home Assistant is connected to the Keenetic Ethernet Port 3 linked to the wifi IOT segment. (A precision : from outside, i have access to My domotic home assistant because i use Tailscale)..
My Printers, desktop and laptop are connected to the Home Segment. Home segment is also linked to Keenetic Ethernet LAN port 1 and 2.
Guest Wifi is not activated in its Segment and no association with any LAN port. (I hope you can understand, because i don't use the technical words... sorry).
With this configuration, do i have a little bit more security, is it more difficult for someone who can connect to domotic objects to connect to my desktop or laptop ? or is it the same as before when i didn't have keenetic and only 192.168.1.xxx range ?
When i connect a computer to Home segment Ethernet port, it can't Ping computer in IOT segment ethernet Port, and vice versa. So, i imagine there is a complementary security ?
Is it really more difficult to make communications between 2 separated segments of Keenetic router, even the main ADSL router from my provider is still here, giving to Keenetic the 192.168.1.37 address ? Because, all computers connected in all and any segment of Keenetic, can see the Provider router at the adress 192.168.1.1 ... so... I don't know... maybe it's all for nothing ?
You can post now and register later.
If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.
Question
jumpcom
Hello, First thank you for this forum, i didn't find the presentation topic. Sorry.
I bought a Keenetic Router in order to separate my Desktop and laptop from IOT and domotic home automation objects. First, i looked the product range from OMADA TP LINK... but it seems to me a little bit too complicated and expensive just to separate computers at home...
I found KEENETIC, with its segmentation possibilities, and i decided to buy a little product, to see, to test... And now, my configuration, before and after :
My French Internet Provider provide us an ADSL Modem Router who doesn't have the ability to work in Bridge mode... And i didn't want to open a DMZ or make double NAT, and other things like that... so, my configuration was like this : all devices were connected to the router, router in 192.168.1.1 and all devices on the router or switch connected to it... everything in 192.168.1.xxx. With this configuration, i was afraid that my IOT devices can be a door to see and modify things in desktop or laptop...
Now, with KEENETIC Router, i have 2 Routers, the router from my internet provider and the Keenetic Carrier router :
My Provider ADSL Router 192.168.1.1 with DHCP mode activated, gives the address 192.168.1.37 to my Keenetic Router (A LAN Port of provider router connected to WAN port of Keenetic)
I created Segments in the Keenetic, Home segment 192.168.2.xxx and IOT segment 192.168.3.xxx. (See attached image)
IOT and domotics devices are connected to segment 192.168.3.xxx and my domotic server Home Assistant is connected to the Keenetic Ethernet Port 3 linked to the wifi IOT segment. (A precision : from outside, i have access to My domotic home assistant because i use Tailscale)..
My Printers, desktop and laptop are connected to the Home Segment. Home segment is also linked to Keenetic Ethernet LAN port 1 and 2.
Guest Wifi is not activated in its Segment and no association with any LAN port. (I hope you can understand, because i don't use the technical words... sorry).
With this configuration, do i have a little bit more security, is it more difficult for someone who can connect to domotic objects to connect to my desktop or laptop ? or is it the same as before when i didn't have keenetic and only 192.168.1.xxx range ?
When i connect a computer to Home segment Ethernet port, it can't Ping computer in IOT segment ethernet Port, and vice versa. So, i imagine there is a complementary security ?
Is it really more difficult to make communications between 2 separated segments of Keenetic router, even the main ADSL router from my provider is still here, giving to Keenetic the 192.168.1.37 address ? Because, all computers connected in all and any segment of Keenetic, can see the Provider router at the adress 192.168.1.1 ... so... I don't know... maybe it's all for nothing ?
Thank you
3 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.