Accessibility Resource Center Skip to main content
Have a phone you love? Get up to $500 when you bring your phone.

IoT SSID on G3100

Reply
jlg2
Copper Contributor
Copper Contributor
Posts: 19
Registered: ‎12-29-2020

Re: IoT SSID on G3100

Message 11 of 15
(641 Views)

In the disagreement between Observer and Cang_Household, I agree with Observer.  His use of "misleading" may be a vague in that Verizon is not technically lying.   But in my opinion, when a user sees a special SSID is designed for IoT devices, it's reasonable to assume that it meets FBI security standards for home users.  Sure, Cang_Household is right that for sketchy equipment makers, the user should dig deeper.  But a lot of folks don't expect Verizon to be that sketchy.  So it's probably fair for Observer to use the word misleading.

Observer
Nickel Contributor
Nickel Contributor
Posts: 28
Registered: ‎09-19-2021

Re: IoT SSID on G3100

Message 12 of 15
(638 Views)

No.  I posted several months ago that I did not observe this limitation (it must have been removed in a firmware update before my first usage).

 

This made the guest network the preferred choice for associating IoT devices, since they are on a separate subnet and VLAN, and thereby isolated from devices on the main network.  (Your real guests will have to coexist with IoT devices, but that's the best the product will do until it has been fixed to properly isolate the IoT network.)

 

IMO, the IoT network is useless because it does not provide the FBI-recommended isolation.

 

I also posted information about the hardcoded guest network VLAN ID (undocumented), which can be used to connect wired IoT devices to this router/extender (same VLAN/subnet isolation).

jlg2
Copper Contributor
Copper Contributor
Posts: 19
Registered: ‎12-29-2020

Re: IoT SSID on G3100

Message 13 of 15
(636 Views)

Regarding Observer's original post, I think given the low cost of Wi-Fi routers, the easiest way to follow FBI recommendations for security of home networks is to buy an inexpensive separate Wi-Fi router. 

You can set it up as your IoT network and connect it to the G3100 by wired ethernet.  You should take care that the separate Wi-Fi router is set up as a router, as opposed to an access point, since many inexpensive devices give the user a choice.   To avoid confusion, you should make sure it's not on the default 192.168.1.xxx subnet that the G3100 uses for Primary and IoT.  Since I don't know much about radio interference, I'd put some distance between the two Wi-Fi stations just to be safe.

Observer
Nickel Contributor
Nickel Contributor
Posts: 28
Registered: ‎09-19-2021

Re: IoT SSID on G3100

Message 14 of 15
(632 Views)

@jlg2 wrote:

Regarding Observer's original post, I think given the low cost of Wi-Fi routers, the easiest way to follow FBI recommendations for security of home networks is to buy an inexpensive separate Wi-Fi router.


Yes, you can do that.  However, you could more easily just use the Guest network, which is isolated on its own VLAN (and its own subnet).  There is no 10 device limit (contrary to earlier reports).  The only downside is that your visitors (guests) will have to temporarily be on the same network as the IoT devices.  I'm OK with that compromise because I don't have to go through the hassle of setting up multiple parallel Access Points for the IoT devices.  I let the G3100 plus extender handle all the household WiFi needs (>500Mb/s speeds) on two networks:  Main and Guest.  I disabled SON and the IoT SSID.  I can then enjoy a single dashboard to view/manage all my devices using my FIOS connection, whether hardwired or via WiFi, and whether on Guest or Main network. 

 

Also, for those willing to handle some "fiddle factor", you can also connect properly isolated IoT devices on the G3100 Guest network via Ethernet if you have a smart switch that supports VLANs.

jlg2
Copper Contributor
Copper Contributor
Posts: 19
Registered: ‎12-29-2020

Re: IoT SSID on G3100

Message 15 of 15
(623 Views)

About Observer's post on the connection limitation to the "Guest" subnet 192.168.200.xxx.  Did I understand correctly that there is no longer a 10-connection limit on the Guest subnet?  If so, then most folks should disregard my recommendation about getting a separate Wi-Fi router and, as Observer posted, just use the guest subnet for IoT devices that should not have access to your communication devices.

A separate router would still be an advantage in a situation like mine where I occasionally have multiple guests with multiple devices who need a separate subnet that does not isolate all their devices from one another.  This is a separate issue from IoT security. 

In my opinion, Verizon could solve all these problems by modifying the firmware so that users could create their own subnets to suit their situations.
 

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.
Have a spare Fios-G1100?Learn how to bridge it into your network
Get Started


Covid19

Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.
Modal Dialogue Title