121

802.1Q VLAN Trunking

In addition to the ability to add multiple SSIDs and assign VLANs to each, 802.1Q trunking for these vlans would be required to allow the EERO to tag traffic that is being sent out. 

76replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • Please add this feature, it is wise for those savvy enough to use it and can be left disabled for those that don’t want to. 

    Like
  • Please update this thread on Eero's timeline for this important security feature.  This has become a huge issue for IoT and best practice security.

    Like
  • Its been three years, you really think they will implement this?  The target market is not us or anyone who actually cares enough to learn about proper networking.  Eero is the Apple of WiFi, and I dont mean that in a positive way.  Plug it in, trust us, its magic.  Somehow modifying DNS is an advanced feature, what a joke.

    Like
  • Finally had enough, I have an an Eero Pro and the Beacon around 6 months old that I am getting rid of for Ubiquity, any takers?  Hit me up at zman442 at gmail dot com.

    Like
  • Oh wow I just just looking for them it can’t be coincidence. 

    Like
      • zman442
      • zman442
      • 5 mths ago
      • Reported - view

      depocu Dont get me wrong, I have been using them happily for about 6 months.  The app is great for turning off the kids internet for dinner, bedtime and homework.  They are rock solid stable and fast with amazing coverage, 2800 sqft house and everything gets full speed regardless of channel and all the wireless smog of my neighbors wifi routers with just the Pro unit and Beacon.

      I am building out my lab for my network certifications and really wanted to keep these but I need something with VLAN support.  I have them on eBay if anyone is interested;

      https://www.ebay.com/itm/153961828029#viTabs_0

      Like
  • As a security professional this is a deal breaker. I just bought the 3 pro set up and I think I’ll be returning it. The ability to support multiple networks beyond primary guest is a basic security feature today, remarkable they have missed the mark here. 

    Like 1
      • Phatfred
      • Phatfred
      • 4 mths ago
      • 1
      • Reported - view

      Phatfred  To add, there are several Mesh AP systems out there that will do this already in the same price range.  I unless I hear that its in pipeline soon I will likely be returning this and switching to Ubiquity. 

      Like 1
      • zman442
      • zman442
      • 4 mths ago
      • Reported - view

      Phatfred I recently sold me eero mesh system and upgraded to Ubiquiti, one nanoHD AP provided coverage to my whole house whereas before I needed two eero APs in a mesh.  I upgraded my whole house to managed switches, POE and ONE nonHD AP under my stairs and I get everything needed for fantastic wireless, VLANs, QoS, guest access, DHCP relays without the needed to use my phone to setup anything.  I always hated needing to use my phone, which I literally only touch when I leave the house, to setup and manage my HOME network and the feedback in other eero forums that somehow, magically, controlling my home router from the internet over an exposed API, is more secure than managing from an internal only network that cannot be accessed from outside the home unless I actually choose to use the cloud version.

      Ill say this again, eero is the Apple of wireless networking, dumb it down, make it stable, remove functionality and convince people that you dont need the features you think you actually need THEN implement minuscule changes, create your own naming convention, attempt to establish your own standard and announce to the world how great it is when you turn features back on that other systems have had for years behind some ridiculous name change.

      Granted, there is a large segment of the population that eero will work for just fine but for those who understand networking and security eero just does not fit.

      Like
  • Adding this would really put it over the top into amazing territory. Or at least adding support for a DMZ.

    Like
  • I have loved the performance and stability of my Eero’s, but the lack of company response on this topic (SSIDs, VLANs and VLAN trunking) has been really disappointing.  I unfortunately will have to dismantle this reliable (5 eero) WLAN and migrate to Ubiquiti or some other option with mature security features.

    Like
      • eraser1320
      • eraser1320
      • 3 mths ago
      • Reported - view

      mike I feel you, but I run pfsense behind it. As soon as they add these features I'd likely drop it and only use the eero.

      Like
  • So, Is there any update on 3 years old feature request??

    Like
  • I’m a new eero pro user, and so far the performance and reliability are much better than my Linksys Velop mesh. I really want to leverage this with my IoT segregation using a managed switch with 802.1Q and pfSense. I’m going to have to set the Velop back up as dedicated IoT mesh and segregate there. Quite ridiculous.

    Someone, please, please, please... give an official update. Even unofficial would be good.

    Like
  • This would convince me to keep my Eeros and not jump to Unify AP products. Unify AP's can have up to four SSID's per AP and vlans.

    Like
  • +1 from me. Any news on this? Request was first made three years ago. Is the hardware on the Eero actually capable of supporting VLANs with just a firmware update? Some kind of definite answer would be appreciated or I might need to (very reluctantly) sell my Eeros and move to a different AP, Ubiquiti maybe. Much rather stick with Eeros as I now have 6 units. Can someone please at least give an update?

    Like
  • This is from one of the developers: 

    My semi-informed guess: it's not happening anytime soon. I'm just going to setup a new IoT WiFi Mesh with my old Generation 2 Pro nodes, then do the trunking of all that traffic when it hits the physical port of my managed switch.

    Like
  • Hi Eeromn2020

    So do you mean you will run two totally separate wifi networks from one managed switch? Is that right?

    Like
  • I just left my IOT devices on eero (bridged mode and assigned it to an iot vlan) and migrated everything else to Unifi products since they support multiple VLANs.

    Like
  • OK thanks md. I also (I guess like many others) am aiming to isolate my IOT but share single incoming WAN with my main network using VLANs from my managed switch. I have two separate sets of Eero if necessary so I guess if no VLAN support on Eero anytime soon I will just need to do it that way.

    Like
    • Max Yup, you should be able to use your managed switch's VLAN support, with the separate wifi networks terminating at two separate wifi 'gateway nodes', each of which is physically plugged via Ethernet into a separate port on the switch, and those switch ports assigned to separate VLANs. Then you can do whatever you need, based on your specific network topology and hardware.

      In my case I defined a single physical ethernet port on my firewall as a VLAN parent interface, connected it to a trunk port on my managed switch, and set it up to read VLAN tags in the Ethernet frames and apply the appropriate policy. You could setup two RFC 1918 /24 subnets, one for IoT and one for the rest. The VLAN config takes care of separating the traffic 'into' the correct subnet, and then you can apply regular firewall rules as you need.

      Very, very simple, assuming your switch/router/firewall/etc all properly support VLANs.

      Like
  • Yes, I am sure it will. It is Firebrick 2700. Many thanks for the information.

    Like
Vote121 Follow
  • Status Under Consideration
  • 121 Votes
  • yesterdayLast active
  • 76Replies
  • 4055Views
  • 72 Following

Need Help? We're here for you!

We're big on support, and we want to make sure you always have the best eero experience possible. Here are several resources you can use if you ever need our help!


Quick links

Community Guidelines

Help Center

Contact eero support

@eerosupport

eero.com