04-11-2022 05:23 AM
Dear community.
I'm running a pfSense router/firewall in front of my Google Nest mesh network and have dedicated WLAN interface for this one.
Works OK except for double NAT and having to setup port forwarding for specific cases.
Bridge mode would make it straightforward to separate WLAN devices but is for some reason not supported by Google Nest with a mesh network.
Thus is anyone aware how to separate insecure IoT devices (CCTV cameras in this case) in Google Nest?
Answered! Go to the Recommended Answer.
04-11-2022 09:21 AM
You can set up a single Nest WiFi Router in bridge mode in one Google Home, and another Nest WiFi Router in mesh (+ NAT/router) mode in another Google Home. That one can have secondary / mesh points, but those won't be talking to the one in bridge mode. You won't get clean hand-offs between them even if you configure them to use the same SSID and password. They will all be sharing a single 5GHz channel, though, so be aware of that when planning for capacity (they'll share it "nicely", at least).
04-11-2022 07:26 AM
I know some people have put their IoT devices on a Guest WiFi network. That will keep them separate from the main WiFi network, but it also means you can't really change the Guest WiFi network password very often.
04-11-2022 07:53 AM
Hi and thanks for proposal.
Changing guest WiFi password infrequent is not an issue but the guest WiFi feature only caters for granting/restricting access to other devices on the Google Nest WiFi mesh network.
I want to e.g. prevent these from accessing the Internet or certain domains/regions altogether, direct these through VPN etc.
04-11-2022 08:02 AM
You should be able to "pause" devices on the guest network, which will block them from accessing the internet (though an IoT device that is isolated on the guest WiFi and blocked from the internet may not be all that useful). But, you won't be able to limit which domains they can access (which is hard anyway, due to many IoT devices using their own DNS resolution). At the end of the day, Nest WiFi is focused on ease of use and covering 99.99% of typical consumer use cases. It's just not geared towards more fine-grained or low-level controls.
04-11-2022 08:23 AM
Thanks again.
I get the point although I am not entirely sure about this being a 0.01% use case.
I do have one idea however I want to explore - just got to think of it. It *should* be possible to run existing mesh network with only one router thus freeing up the other, creating a new home in the Google Home app and assign the router in bridge mode thus connecting to same pfSense router on new WLAN-IoT interface (CCTV do not need mesh or same coverage).
If it works I may even be inclined to purchase a third set of router + WiFi point/speaker set.
04-11-2022 09:21 AM
You can set up a single Nest WiFi Router in bridge mode in one Google Home, and another Nest WiFi Router in mesh (+ NAT/router) mode in another Google Home. That one can have secondary / mesh points, but those won't be talking to the one in bridge mode. You won't get clean hand-offs between them even if you configure them to use the same SSID and password. They will all be sharing a single 5GHz channel, though, so be aware of that when planning for capacity (they'll share it "nicely", at least).
09-02-2022 11:37 PM
Moved to a new thread