I’ve got a Netgate 2100 router. I’ve set up
LAN - 10.0.1.1
VLAN30 (IoT network) - 172.16.30.1
I keep my phones and all IoT devices on the IoT network. However the Synology (10.0.1.50) is on the LAN. I am running a docker container that has Home Assistant. It is running on port 8123. How do I create a rule that will allow my phone and any other device I want to access the 10.0.1.50:8123. Or should I be setting up the docker container on a 172.16.30.? address so it is accessible. Anyone have any thoughts?
I think for simplicity it would be easier to setup your container on the IoT network. I think you will have more of a headache in the long run if you separate the networks because they don’t like to talk over VLAN’s. Otherwise you might have to use mDNS.
Trying to span Home Assistant across VLans is a difficult task and not worth the effort. If you have multiple ethernet ports on the Synology, assign one to the VLan or put it on the VLan with your other devices.
I do have multiple ethernet ports. Is it possible to configure another port to VLAN30 and then configure the docker container to connect to that ethernet port?
Yes you can assign to the VLAN ip and tag. No additional configuration for Home Assistant in Docker. The question is why do you consider the NAS as being a trusted device since you are running Home Assistant with plugins?
You can also just setup a firewall rule in the VLan for port 8123 and it should work.