I realized I was at risk by having smart devices on my normal network, so decided to move them to my guest network.
I don’t like my smart tv, but it’s all I have to work with for now. I want to keep it on my guest network, but still stream using jellyfin. I see on my netgear router there is an option to “let devices on guest network see other devices and access local network” which would probably allow it to see my jellyfin server, but then doesn’t that defeat the point of a guest network? Maybe I need to learn what a reverse proxy is…jellyfin server is currently on windows (not my pc) but could move it to my linux pc if needed.
And yes, I plan to get a media center linux box in the future so I don’t have to deal with the garbage smart tv os!
Disclaimer: I’m not a networking guy, but I’ve worked with them.
If you’re looking for security, you set up vlans. I don’t know enough about your setup to know if you setup a vlan, or just a separate subnet.
The goal is to have separate vlans, to block all traffic between the two networks, and then add exceptions in the ACL. The ACL is essentially a firewall between the two vlans.
With this in place the smart device can’t scan your network to gather info. Also, if it gets infected, it can only attack through the opened routes or the other devices on the vlan.
I just saw that i have a vlan/iptv setup that I can apply as a bridge on the guest network the tv is on. That seems right ?
Unsure, does this answer help?
https://community.netgear.com/discussions/Orbi/what-is-vlanbridge-and-should-i-enable-it/1934301
If what that says looks right, then that’s probably not what you’re looking for.
Yeah this doesn’t seem right. Im not sure my router supports running a vlan and allowing certain services through to lan
I think netgear makes the guest network a subnet.
Im going to look into a vlan with all exceptions. It’s a nighthawk router so I think it has those features. Haven’t gotten around to putting dd wrt on it yet