Guest SSID vs AP Isolation
Hi,
I am trying to setup a wireless VLAN for IOT devices in my home network using a TP-LINK EAP245.
I do not want my IOT devices to communicate between each other, but I still want to be able to manage them from a different VLAN and control them using firewall rules.
When I enable "Guest" on the IOT SSID, all communication between the devices is halted save for ARP and some other protocols. But from what I understand, access to all private networks is also denied.
I suspect the latter part is preventing me from accessing my IOT network.
It seems that the "Guest" option produces a catch 22 in this use case; I can't manage my IOT devices and isolate them at the same time.
I wish TP-Link could decouple this option so that intra-VLAN blocking and private network blocking are separated.
Unless someone has a better way of doing this without resorting to the controller software.
Thanks.