175802.1Q VLAN Trunking
In addition to the ability to add multiple SSIDs and assign VLANs to each, 802.1Q trunking for these vlans would be required to allow the EERO to tag traffic that is being sent out.
-
Please add this feature, it is wise for those savvy enough to use it and can be left disabled for those that don’t want to.
-
Please update this thread on Eero's timeline for this important security feature. This has become a huge issue for IoT and best practice security.
-
Its been three years, you really think they will implement this? The target market is not us or anyone who actually cares enough to learn about proper networking. Eero is the Apple of WiFi, and I dont mean that in a positive way. Plug it in, trust us, its magic. Somehow modifying DNS is an advanced feature, what a joke.
-
Finally had enough, I have an an Eero Pro and the Beacon around 6 months old that I am getting rid of for Ubiquity, any takers? Hit me up at zman442 at gmail dot com.
-
Oh wow I just just looking for them it can’t be coincidence.
-
depocu Dont get me wrong, I have been using them happily for about 6 months. The app is great for turning off the kids internet for dinner, bedtime and homework. They are rock solid stable and fast with amazing coverage, 2800 sqft house and everything gets full speed regardless of channel and all the wireless smog of my neighbors wifi routers with just the Pro unit and Beacon.
I am building out my lab for my network certifications and really wanted to keep these but I need something with VLAN support. I have them on eBay if anyone is interested;
-
-
As a security professional this is a deal breaker. I just bought the 3 pro set up and I think I’ll be returning it. The ability to support multiple networks beyond primary guest is a basic security feature today, remarkable they have missed the mark here.
-
Phatfred To add, there are several Mesh AP systems out there that will do this already in the same price range. I unless I hear that its in pipeline soon I will likely be returning this and switching to Ubiquity.
-
Phatfred I recently sold me eero mesh system and upgraded to Ubiquiti, one nanoHD AP provided coverage to my whole house whereas before I needed two eero APs in a mesh. I upgraded my whole house to managed switches, POE and ONE nonHD AP under my stairs and I get everything needed for fantastic wireless, VLANs, QoS, guest access, DHCP relays without the needed to use my phone to setup anything. I always hated needing to use my phone, which I literally only touch when I leave the house, to setup and manage my HOME network and the feedback in other eero forums that somehow, magically, controlling my home router from the internet over an exposed API, is more secure than managing from an internal only network that cannot be accessed from outside the home unless I actually choose to use the cloud version.
Ill say this again, eero is the Apple of wireless networking, dumb it down, make it stable, remove functionality and convince people that you dont need the features you think you actually need THEN implement minuscule changes, create your own naming convention, attempt to establish your own standard and announce to the world how great it is when you turn features back on that other systems have had for years behind some ridiculous name change.
Granted, there is a large segment of the population that eero will work for just fine but for those who understand networking and security eero just does not fit.
-
-
Adding this would really put it over the top into amazing territory. Or at least adding support for a DMZ.
-
I have loved the performance and stability of my Eero’s, but the lack of company response on this topic (SSIDs, VLANs and VLAN trunking) has been really disappointing. I unfortunately will have to dismantle this reliable (5 eero) WLAN and migrate to Ubiquiti or some other option with mature security features.
-
mike I feel you, but I run pfsense behind it. As soon as they add these features I'd likely drop it and only use the eero.
-
-
So, Is there any update on 3 years old feature request??
-
I’m a new eero pro user, and so far the performance and reliability are much better than my Linksys Velop mesh. I really want to leverage this with my IoT segregation using a managed switch with 802.1Q and pfSense. I’m going to have to set the Velop back up as dedicated IoT mesh and segregate there. Quite ridiculous.
Someone, please, please, please... give an official update. Even unofficial would be good.
-
This would convince me to keep my Eeros and not jump to Unify AP products. Unify AP's can have up to four SSID's per AP and vlans.
-
+1 from me. Any news on this? Request was first made three years ago. Is the hardware on the Eero actually capable of supporting VLANs with just a firmware update? Some kind of definite answer would be appreciated or I might need to (very reluctantly) sell my Eeros and move to a different AP, Ubiquiti maybe. Much rather stick with Eeros as I now have 6 units. Can someone please at least give an update?
-
This is from one of the developers:
- https://www.reddit.com/r/eero/comments/jmq4ka/will_all_preorders_through_eerocom_ship_today/gaz4a5j/
My semi-informed guess: it's not happening anytime soon. I'm just going to setup a new IoT WiFi Mesh with my old Generation 2 Pro nodes, then do the trunking of all that traffic when it hits the physical port of my managed switch.
-
Hi Eeromn2020
So do you mean you will run two totally separate wifi networks from one managed switch? Is that right?
-
I just left my IOT devices on eero (bridged mode and assigned it to an iot vlan) and migrated everything else to Unifi products since they support multiple VLANs.
-
OK thanks md. I also (I guess like many others) am aiming to isolate my IOT but share single incoming WAN with my main network using VLANs from my managed switch. I have two separate sets of Eero if necessary so I guess if no VLAN support on Eero anytime soon I will just need to do it that way.
-
Max Yup, you should be able to use your managed switch's VLAN support, with the separate wifi networks terminating at two separate wifi 'gateway nodes', each of which is physically plugged via Ethernet into a separate port on the switch, and those switch ports assigned to separate VLANs. Then you can do whatever you need, based on your specific network topology and hardware.
In my case I defined a single physical ethernet port on my firewall as a VLAN parent interface, connected it to a trunk port on my managed switch, and set it up to read VLAN tags in the Ethernet frames and apply the appropriate policy. You could setup two RFC 1918 /24 subnets, one for IoT and one for the rest. The VLAN config takes care of separating the traffic 'into' the correct subnet, and then you can apply regular firewall rules as you need.
Very, very simple, assuming your switch/router/firewall/etc all properly support VLANs.
-
-
Yes, I am sure it will. It is Firebrick 2700. Many thanks for the information.
-
omg. this is horrible. Getting a firewalla gold soon to give me better visibility/control. But without VLAN support with Eero, that really ties my hands.
-
My eeros seem to have updated last night to eeroOS 6.3.0 and the release notes include:
Support for Internet uplink VLAN tagging on eero Pro 6 and eero 6
-
beej That is only for a WAN link that needs VLAN support for whatever CPE the ISP requires. It unfortunately doesn’t add any type of VLAN support to the LAN.
-
-
WOW. What brought me here was originally https://community.eero.com/t/q5rnf6/block-devices-from-internet-but-allow-local-lan this topic where I just wanted to block outbound traffic from certain devices. I realized EERO will probably never support any kind of simple user-managed firewalling so I decided to implement my own and place EERO in bridge mode. Now I'm finding this topic which means even if I get a great router upstream from EERO i still won't be able to isolate devices in this way. Kind of infuriating that a "pro" device (and "pro" pricing) has almost zero pro features.
-
Mdam1921 you also lose a lot of wireless features in Bridge mode such as automatic channel switching (You only get fixed default channels regardless of your environment) in bridge mode.
-
txgunlover surely that means I can manually change channels.. right?
-
Mdam1921 you would think that, wouldn't you 🤬
-
-
Hello and welcome to 2022. Any updates on this feature request?
-
Interested as well...Eero, you have a great product and are not cheap. I honestly expected this as a standard feature at the pricepoint.
-
Can't believe this still hasn't been addressed :(
-
This would be a great feature for several reasons. I would be happy with even a limited release that allowed 2 VLAN tags.
Some reasons this is needed are:
- Security against vulnerabilities in smart home devices
- Reduce broadcasts and limit multicasting
- Better control of guest devices on the network (like not allowing guests to access your network shares)
- More options for QoS and rate-limiting
- Unlocks downstream firewall features to better manage devices
Every AP in the eero6 price range has this feature already. I bought the "pro" version because I foolishly assumed this was a basic feature of any "pro" AP. I am now sadly regretting not going with Netgear or Linksys. Even worse, this feature request has been sitting with no response for 5 years so it seems like I'm wasting my time asking for this most basic "pro" feature.
-
I literally made an account on this just to upvote and comment on this issue. I'm getting ready to upgrade to wifi6+ nodes and it is a hard sell without this feature especially when the competitors have it.
Is this even on the roadmap has there been a response from eero/amazon?
