Pune. Not spending more than 10k on a switch.
How about this single switch to rule them all?
No need to get me 2 managed switches plus another poe switch for ip cameras (I’ll use cheap poe injectors for them).
I think it supports most of the managed functions needed.
Goes around for 8k.
1 Like
Reliability . Plus a hell a lot of features . If you have some basic knowledge of vlan you can do it . Cisco documentation is also quite good with many forums .
Oops, didn’t notice the VLAN C. In any case, I think a smart switch is enough for your case. TP-Link TL-SG1016PE has both VLAN tagging and POE, and is 8k.
I think this can be done at the router - you don’t need to a separate VLAN for this. A VLAN for a single device is overkill. Combine B and C into one VLAN B. VLAN B doesn’t have access to internet by default, but the NVR and the IP Cam (within VLAN B) has access to internet. Also, your VLAN A can initiate access to VLAN B, but VLAN B cannot initiate access to VLAN A. In fact it may be be better to move the NVR to VLAN A.
I know this is possible on PfSense and Unifi, so should be possible on Omada firewall too. Here a good video on how to set it up for Unifi (doesn’t help you directly, but explains the concept)
Don’t think so, as VLANs are layer 2 while IP is layer 3. What type of attack vector are you considering? Maybe someone overwrote the firmware of your IP Cams to impersonate the MAC of your NVR?
1 Like
Sorry for the late reply.
Think of spoofing the IP and mac address and making the router believe that the device belongs to some different vlan.