Noob question on networking, VLANs, and access

Hi,

Have a bit of a noob question, but just want to wrap my head around something. Currently running pfSense (on hardware) and the LAN port feeds into a managed switch. I’ve been playing around with VLANs and am experimenting with a secured personal VLAN and another isolated for work devices (keep company tracking items separate).

Now, here is what I’m thinking. I’m adding some IoT automation (Home assistant, tablet dashboards, etc). I want to keep the IoT devices separate, but I want to be able to control/monitor from a device on the secured network. For example, I’d like to view the Home Assistant dashboard (IoT VLAN) from my personal cel phone (secure VLAN).

Is something like this possible without too much craziness? Thanks for your insights.

Sure that’s possible, I have the setup for my IoT / IPcam / guest vlans, they cannot see my other vlans but my main vlan can see them.

I just created an alias with the subnets, in the rules I allow LAN/vLAN access by using the alias in the rules for my main vlan, then just deny access on the IoT / IPcam / guest vlans.

If you’re using pfSense it’s fairly straight forward.