Reasons to create a dedicated WiFi network for home automation devices
We are sure that, on many occasions, you have had problems when connecting the different home automation devices to the WiFi wireless network in your home. It is possible that sometimes you have not been able to connect them due to the security applied to your own network, on other occasions you have detected that they disconnect sporadically, and even lose the connection permanently. We are going to explain why it is advisable to create a dedicated network for computers with WiFi, laptops and smartphones, and another specific network for home automation devices.
Smart Connect and band-steering
Smart Connect technology allows us to unify the 2.4GHz and 5GHz frequency bands in the same SSID and authentication, in this way, we will only see a WiFi network when we go to connect to the wireless network. In the event that you activate this function you will have a unified WiFi network, if you deactivate it, you will have to put an SSID and authentication to each frequency band that you have in your router.
When we activate the Smart Connect, the band-steering functionality is automatically activated. This feature allows the router to place us in one frequency band or another, depending on various data:
- Current coverage of the WiFi client that wants to connect.
- Number of WiFi clients in the different frequency bands.
- Maximum sync rate that the wireless client will support.
It should also be taken into account that the routers incorporate a band change rejection system for a few seconds to avoid “flapping”, that is, the WiFi client is continuously moving from one band to another, irreparably causing connection cuts .
Home automation devices generally always support 2.4GHz WiFi, and they rarely support 5GHz WiFi. When we have Smart Connect activated in our router, two problems are generally caused:
- If our smartphone is on the 5GHz band and the home automation device only supports 2.4GHz, it will give an error when configuring it. In order to do this, we must move away from the router to force it to put us on 2.4GHz, then we can configure it correctly and without problems.
- Once configured, the home automation device could have cuts when the router tries to band-steering, this depends on how the home automation device itself is configured internally. We have run into these kinds of problems.
As you have seen, the Smart Connect and the band-steering could be a problem for your device, something that is fixed if we create a WiFi network specifically dedicated to these devices and operating only on the 2.4GHz band.
Core network security
Many current WiFi clients such as laptops or smartphones already support the WPA3-Personal standard, a more secure standard than the previous WPA2-Personal. For security, it would be advisable to configure WPA3-Personal authentication in the main network, however, home automation devices generally do not support this new WiFi encryption standard, so they could not even see the network to connect to, or if they see it. , it would give an error in the authentication. Currently the latest IP Cloud cameras from major manufacturers such as D-Link, are incorporating support for WPA3-Personal, however, older models or other manufacturers do not support this type of encryption, and surely they will never support it unless Let’s buy a new IP camera.
To avoid this, we could create a secondary network with WPA2-Personal security where we connect all the home automation devices, and leave WPA3-Personal in the main network where our smartphone or laptop is located, which does support this encryption protocol.
Isolate devices and connect via Cloud
Another reason to create a secondary WiFi network where to connect all home automation devices is to isolate them and only have an Internet connection, and cannot make any communication with the local area network. Most devices such as smart bulbs, smart plugs, IP cameras and many more, make use of the manufacturer’s Cloud to communicate with the applications on the user’s smartphone. Through a reverse connection, we can connect to them without the need for them to be on the same local network.
Isolating home automation devices is a good practice for users who want to protect their privacy from the main network, because many of these devices could send metadata to the manufacturer’s servers and even carry out other types of communications to collect information.
Once we have seen the three reasons to connect IoT devices to another WiFi network created specifically for them, let’s see how we can configure it on any router from the ASUS manufacturer.
So you can create and configure a WiFi network for the IoT
In this example we are going to use an ASUS router, in principle, any router that allows you to create other WiFi networks in addition to the main one, would also work perfectly. In case you cannot create other WiFi networks, you could do the same using a guest WiFi network in the 2.4GHz and / or 5GHz band. A very important detail if your router has a guest WiFi network, but it does not allow these devices to communicate with the main network:
- If your Home automation devices use the manufacturer’s Cloud To communicate with the mobile app, such as mydlink or TP-Link IP cameras or smart plugs, you will have no problem connecting them to this guest WiFi network.
- If your Home automation devices need direct connection with the smartphone, and being in the same local network and there is communication, you will not be able to connect these devices to the guest network because you will generally be connected to the main network, and there is no communication between both networks.
The first thing to do on the router is to go to the «General / Guest Network«, Here we can create up to three additional WiFi networks for each frequency band. We click on the “Enable” button in the frequency band that we want to enter its configuration.
Now we will have to indicate the different configurations of this new WiFi network:
- Hide SSID: no, many home automation devices necessarily require that the WiFi network be visible, otherwise they will not be able to connect.
- Authentication method: here we will choose WPA2-Personal or WPA2 / WPA3-Personal, allowing home automation devices that do not support WPA3-Personal to only be able to connect correctly.
- WPA encryption: AES
- Pre-shared WPA key: we put the password that we want, this password will be the one that the home automation devices have to use.
- Access time: unlimited access.
- Bandwidth limiter: do not
The option of «Intranet access«, If we have it« Activated »we will allow the home automation devices to communicate through the local network with the main wired and wireless network devices, this is ideal to allow home automation devices that do not support the manufacturer’s Cloud with reverse connections can communicate with our smartphone without problem. In the event that all home automation devices support Cloud, we can set it to “Deactivated” to isolate this WiFi network.
The option of «Sync to AiMesh Node»Is very interesting, if we have an AiMesh WiFi network with several routers or ASUS devices compatible with AiMesh, we can tell them that the WiFi network we have just created is also available in the rest of the network nodes. Otherwise, this guest WiFi network will only be on the main router and not on the other nodes. The most normal thing is to leave it in the option «All» so that this network is in all the available nodes.
Finally, in the «Enable MAC filter»We will be able to create a MAC access control list to the local network, generally the best thing to do is to leave it in« Deactivated », because it does not improve the security of the wireless network at all.
As you have seen, creating a WiFi network for home automation devices is really easy, and it will allow us to better protect the main WiFi network, in addition to being able to use technologies such as Smart Connect to have band-steering, something that home automation devices really take. evil.