Port forwarding for Guest Network or separate IoT network

Problem statement is that most IoT devices (webcams, IoT toothbrushes, baby cameras, etc.) have abysmal security, are lousy w backdoor credentials and sometimes have massive attack surfaces.  Dumb to leave these on the same network as your personal data (PC, laptop, NAS, tablets, etc.).

Unfortunately if you put these widgets in the Guest network today they can't talk to each other, nor can you port forward to them (used to let you log into a camera for viewing or config).


I think it would be *very* marketable for EERO to support an approach to securely deploy untrusted IoT devices - this would either be by allowing port forwarding the guest network, or by allowing the creation of another network construct/SSID that has the same but separate characteristics of the main network (clients can talk to each other within the IoT network, port forwarding is allowed, same DHCP server is used BUT the IoT network clients cannot communicate with the main network clients).

This should be easy to implement and would be a differentiating marketing feature - Eero lets you do IoT securely.

What do you all think?

3 replies

    • omnicoreinc
    • 5 yrs ago
    • Reported - view

    Sounds like doubling the processing work on the device. COOL idea

    • jeffgarretson
    • 3 yrs ago
    • Reported - view


    • novamario
    • 2 yrs ago
    • Reported - view

    YES! Using the guest network is an option but not for all. For example my solar inverter is connected via ethernet so the guest SSID won't work for that.

Content aside

  • 9 Votes
  • 2 yrs agoLast active
  • 3Replies
  • 430Views
  • 4 Following