I’ve been diving into my recently purchased Asus router with VLAN capability, but I’m quickly realizing that I can’t create VLANs and allow traffic between them. I can create Wi-Fi networks on separate subnets, and I can assign ports as Access or Trunk ports. I’ve created an Access port, which then assigns it its own subnet, but I can’t allow access to that subnet from, for example, my PC on the main LAN.
What am I missing? Do I need a managed switch (in addition to a VLAN-capable router) in order to take advantage of allowing specific access between VLANs?
VLANs are primarily used to isolate traffic. Firewall rules are needed to allow/deny traffic between the various VLANs.
I am also trying to look into this - do you know if Merlin’s firmware solves some of these issues at all?
It doesn’t. In fact, Merlin removes any VLAN capability. I ended up returning my Asus router and going all in with TP-Link Omada hardware and I can do everything I want and more.
Unfortunately too far out to return the router at this point. I’ll have to live with it.