Advice for setting up my network

The questions I have are not really covered by the other threads. I’m more asking for the correct or accepted method of doing things.

I am going to set up y home network using TP-Link hardware. I have their controller, router, switch and APs. My requirements are that the various Vlans all have access to the internet, but absolutely no access to each other.

I am proposing to have my computers, printers and the NAS on one Vlan. The smart TV and streaming device on another, my security system on it’s own and my camera system on it’s own.

Currently, I have no need for anything on my wireless connections to have access to anything except the internet.

So, to my question: Knowing my TP-Link router and switch have a default Vlan (1) on the system, Should I put each of the Vlans mentioned on separate Vlans and not connect anything to Vlan 1? Or should the controller and router be on Vlan 1 and everything else on other Vlans?

And, is there anything else I should know?

Yes, you can configure a VLAN for each separate network and keep VLAN 1 / Native VLAN just for the devices.

BlockquoteYes, you can configure a VLAN for each separate network and keep VLAN 1 / Native VLAN just for the devices.

Are you saying I should put the router/firewall and the controller on Vlan 1?

You might start off like that, but you’ll probably end up needing some cross vlan communications.

Personally, I have several vlans running, where they align to 3rd octet. e.g.
MGMT -192.168.10.0
ISP - 192.168.20.0
VPN - 192.168.30.0
etc.

Various devices might use the lower vlan numbers for default traffic such as voice etc. Just start your numbering at 10 and you’ll probably save yourself some future hassle.

Yes, put the router/firewall/AP/switch on VLAN 1 / Native.

THAT’s what I needed to hear! Thanks a bunch!