On Mar 8, 2019, at 12:22 PM, John Robinson <[email protected] <mailto:[email protected]>> wrote:
> If you are concerned about the thermostats, you can absolutely segment your > network and add a VLAN for the thermostats that only allows them access to > the internet with a 1 way trust that will allow you access to the thermostats > but won’t allow traffic to be initiated from the thermostats into the rest of > your network. He’s suggesting a variation on what I’m doing. You can put the thermostats on a “guest” network with no open incoming ports so they can call home, but nobody can call them. Mine isn’t quite that strict. For example, I’m reminded some of my son’s gaming ports are still open, even though he doesn’t live here any more. (Gotta fix that one of these days.) I have my visitor network set up so traffic can’t pass from the visitor network to the home network. A good router will let you do this within its routing table. L^2 ---- Lee Larson [email protected] <mailto:[email protected]> The story so far: In the beginning, the universe was created. This has made a lot of people very angry and been widely regarded as a bad move. — Douglas Adams The Restaurant at the End of the Universe
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ MacGroup mailing list Posting address: [email protected] Archive: <http://www.mail-archive.com/[email protected]/> Answers to questions: <http://erdos.math.louisville.edu/macgroup/>
