I’ve been diving into my recently purchased Asus router with VLAN capability, but I’m quickly realizing that I can’t create VLANs and allow traffic between them. I can create Wifi networks on separate subnets, and I can assign ports as Access or Trunk ports. I’ve created an Access port, which then assigns it it’s own subnet, but I can’t allow access to that subnet from, for example, my PC on the main LAN.
What am I missing? Do I need a managed switched (in addition to a VLAN-capable router) in order to take advantage of allowing specific access between VLANs?
VLANs are primarily used to isolate traffic. Firewall rules are needed to allow/deny traffic between the various VLANs.