Re: IoT SSID on G3100
jlg21
Enthusiast - Level 3

In the disagreement between Observer and Cang_Household, I agree with Observer.  His use of "misleading" may be a vague in that Verizon is not technically lying.   But in my opinion, when a user sees a special SSID is designed for IoT devices, it's reasonable to assume that it meets FBI security standards for home users.  Sure, Cang_Household is right that for sketchy equipment makers, the user should dig deeper.  But a lot of folks don't expect Verizon to be that sketchy.  So it's probably fair for Observer to use the word misleading.

0 Likes
Re: IoT SSID on G3100
Observer1
Enthusiast - Level 3

No.  I posted several months ago that I did not observe this limitation (it must have been removed in a firmware update before my first usage).

This made the guest network the preferred choice for associating IoT devices, since they are on a separate subnet and VLAN, and thereby isolated from devices on the main network.  (Your real guests will have to coexist with IoT devices, but that's the best the product will do until it has been fixed to properly isolate the IoT network.)

IMO, the IoT network is useless because it does not provide the FBI-recommended isolation.

I also posted information about the hardcoded guest network VLAN ID (undocumented), which can be used to connect wired IoT devices to this router/extender (same VLAN/subnet isolation).

0 Likes
Re: IoT SSID on G3100
jlg21
Enthusiast - Level 3

Regarding Observer's original post, I think given the low cost of Wi-Fi routers, the easiest way to follow FBI recommendations for security of home networks is to buy an inexpensive separate Wi-Fi router. 

You can set it up as your IoT network and connect it to the G3100 by wired ethernet.  You should take care that the separate Wi-Fi router is set up as a router, as opposed to an access point, since many inexpensive devices give the user a choice.   To avoid confusion, you should make sure it's not on the default 192.168.1.xxx subnet that the G3100 uses for Primary and IoT.  Since I don't know much about radio interference, I'd put some distance between the two Wi-Fi stations just to be safe.

0 Likes
Re: IoT SSID on G3100
Observer1
Enthusiast - Level 3

@jlg2 wrote:

Regarding Observer's original post, I think given the low cost of Wi-Fi routers, the easiest way to follow FBI recommendations for security of home networks is to buy an inexpensive separate Wi-Fi router.


Yes, you can do that.  However, you could more easily just use the Guest network, which is isolated on its own VLAN (and its own subnet).  There is no 10 device limit (contrary to earlier reports).  The only downside is that your visitors (guests) will have to temporarily be on the same network as the IoT devices.  I'm OK with that compromise because I don't have to go through the hassle of setting up multiple parallel Access Points for the IoT devices.  I let the G3100 plus extender handle all the household WiFi needs (>500Mb/s speeds) on two networks:  Main and Guest.  I disabled SON and the IoT SSID.  I can then enjoy a single dashboard to view/manage all my devices using my FIOS connection, whether hardwired or via WiFi, and whether on Guest or Main network. 

Also, for those willing to handle some "fiddle factor", you can also connect properly isolated IoT devices on the G3100 Guest network via Ethernet if you have a smart switch that supports VLANs.

Re: IoT SSID on G3100
jlg21
Enthusiast - Level 3

About Observer's post on the connection limitation to the "Guest" subnet 192.168.200.xxx.  Did I understand correctly that there is no longer a 10-connection limit on the Guest subnet?  If so, then most folks should disregard my recommendation about getting a separate Wi-Fi router and, as Observer posted, just use the guest subnet for IoT devices that should not have access to your communication devices.

A separate router would still be an advantage in a situation like mine where I occasionally have multiple guests with multiple devices who need a separate subnet that does not isolate all their devices from one another.  This is a separate issue from IoT security. 

In my opinion, Verizon could solve all these problems by modifying the firmware so that users could create their own subnets to suit their situations.
 

0 Likes
Re: IoT SSID on G3100
NewtoFiOSBB
Enthusiast - Level 3

I've so lost my IT expertise as I've aged. Can someone just tell me straight up what I should do? I've always kept the guest wifi disabled. When the IoT option arrived and 5 ghz became two  and your original 2.4 still there obvi I just started dividing all my wifi connected devices and just my Hue Bridge connected by Ethernet wire - amongst all four of them 😜 leaving guest mode disabled. Never really used SON I compete with one competent neighbor for the two worlds of 5Ghz channels and have DFS enabled. Ended up here because I realized my stupid you were Roku can't see my five gigahertz ssids...read it's because I have DFS enabled but should be able to see if your higher channels connection is above channel 149. 

I'm now just one person in a three story 1500 sq ft house. I stupidly put a few things on the IoT after naming and enabling it. Could one of you much savvier IT people just tell me what to do? Lol sounds like disable IoT and just put my bulbs and dumb Alexa's that  ever answer me right but I've had too long to get rid of, back across the 2.4 and two 5's? Is there any real benefit or point to enabling the Guest network I've never used and loading it up with my IoT's which btw I'm not even sure everything that is applicable in that category and I only have freaking 16-18 devices connected in total in the first place lol just for reference! My Roku is on 2.4 and want it in 5 as I use it a lot and gives me some issues some times.

Thanks so much for direction in advance guys!!! Take care!

0 Likes
Re: IoT SSID on G3100
anderson30
Newbie

I can confirm it's possible to connect more than 10 devices wirelessly to the Guest network, I'm currently using that as a workaround to isolate network traffic to IoT devices.

0 Likes