Need help understanding IoT network and isolation
Hi all, I'm new to TP-Link devices. I'm have some difficulty understanding the connectability between devices whether they are in a regular network or an IoT network, and whether they are isolated or not.
The issue that brought me to this question is that I just got my BE800 and added all my Amazon Echo speakers (Alexa) to the IoT Wi-Fi. After that, I found my previous set for stereo pairs no longer works.
Stereo pair is basically using two identical Echo speakers for left / right channel respective to create a true stereo effect, sync between the two speakers should be through LAN, so they are required to be in the same network.
From what I understood, IoT network is not the same thing as guest Wi-Fi, which disallows communication between devices in the network, is it correct? If so, I couldn't figure out why my Echo speakers failed to sync with each other.
In what I've tested, when two devices are both in IoT Wi-Fi, they can ping each other sometimes, but sometimes they cannot. If I put them in the "isolated devices" list, they are unable to communicate anymore.
This is another point that confused me. I read that isolated devices should still be able to link to other isolated devices, but it happens not to be the case in my test.
The only successful connection is from an un-isolated device in IoT network to one in the regular network.
It's greatly appreciated if someone can help me understand how these devices / networks communicate, or share their config successfully setup the Echo speakers in the IoT network. Thanks in advance!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi, thank you very much for posting on TP-Link Community.
1. ioT network is not isolated with the main Wi-Fi or LAN network, that is why an un-isolated device in IoT network could still communicate with one in the regular network.
2. ioT network devices are allowed to communicate with each other as well
3. However, if one device is added into isolated device list no matter it is on ioT network or regular network, the isolated device will not be able to communicate with other un-isolated devices
4. For device isolation function, isolated devices can still access the internet and communicate with other isolated devices, please make sure AP Isolation is disabled on Advanced->Wireless->Additional Settings page, or all the WLAN client devices will be isolated with each other.
- Copy Link
- Report Inappropriate Content
I too would like to know more on this. I use AX55 routers which recently added an IoT network along with device isolation options. Perhaps this should be explained by TP-Link in a separate article on "Device Isolation in IoT networks".
- Copy Link
- Report Inappropriate Content
Hi, thank you very much for posting on TP-Link Community.
1. ioT network is not isolated with the main Wi-Fi or LAN network, that is why an un-isolated device in IoT network could still communicate with one in the regular network.
2. ioT network devices are allowed to communicate with each other as well
3. However, if one device is added into isolated device list no matter it is on ioT network or regular network, the isolated device will not be able to communicate with other un-isolated devices
4. For device isolation function, isolated devices can still access the internet and communicate with other isolated devices, please make sure AP Isolation is disabled on Advanced->Wireless->Additional Settings page, or all the WLAN client devices will be isolated with each other.
- Copy Link
- Report Inappropriate Content
Hi. I've been doing some testing today and Point number 4 in your post is not exactly true, at least with the AX55 router.
Using a PC to connect to the IoT network, and with the PC in the Isolated Devices list, the PC can connect to the internet but can not ping or work with any other isolated device. The ping returns a "destination unreachable" response. It is truly isolated.
The idea that isolated devices can communicate with each other is a good one, especially in some setup situations where a phone or PC must communicate with the device to get it configured. Perhaps an option can be added in future firmware releases which allows isolated devices to see each other, much the same as in the guest network.
CORRECTION 26/07/23: I stand corrected. Devices connected to the IoT network and isolated can communicate with each other. I confirmed this with an iPad instead of using a PC. For some unknown reason the PC would not connect to another device with a web interface during initial testing.
- Copy Link
- Report Inappropriate Content
Hi, thank you very much for sharing your test results, which will help a lot to other users.
If you have any other questions, please feel free to let us know.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@Sunshine
Hi,
I am still a bit confused. I have a second router connected to the BE 800's LAN port. If I isolate the second router through the Tether app, does it provide any protection to the other devices connected to the BE 800.
Also, if I setup a client VPN on the BE800 and associate it with the second router device, will this ensure that no clients on the second router can access the main network's clients, but still allow Internet on the devices on the second router?
My goal is to protect the TP Link BE 800 router and clients from harmful activity on the second router and/or its sevices.
- Copy Link
- Report Inappropriate Content
@AkazaRenn This doesn't make a whole lotta sense then. If router has the ability to create 1-2 separate wireless IoT networks, why wouldn't there be an ability to segregate the IoT networks from the main/primary? It should either be default, or at least an option. It would be safer to put all IoT devices on the Guest Network if that's the case. Need someone to explain this in plain english if I am wrong here. In summary, what I'm gathering here, is that the 2.4 & 5ghz IoT bands are specifically for organization only, and that those connected devices will still be able to transmit data (access) any devices on the primary network - hence posing further security risk...so you'd have to add each IoT device to the isolated devices list in order to cease any connection with primary network. In addition, any IoT devices that you need to communicate to each other, all have to be isolated as well. This is an interesting issue because if you want to voice control say via Alexa echo's (we have 2), then we have to add both Alexa devices plus all the IoT devices into the isolated device list, otherwise Alexa will not be able to control any of the "things." This seems awfully short-sighted unless I'm missing something here.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 8338
Replies: 8
Voters 0
No one has voted for it yet.