I have a problematic situation the thing is that due to some limitation i can not have a new VLAN configured. so is it possible if i put the Meraki security cameras in the same LAN network VLAN.
I know the good practice is to keep the security camera in seperate VLAN. but i just wanted to know will it be a problem if i keep the Meraki security camera in same VLAN as LAN network.
Solved! Go to Solution.
I'm not the best person to reply (wait for others), but I will add that if you do have them in the same network, go into your DHCP settings and assign a separate subnet just for the cameras. This will help you identify them more easily or separate by IP address if needed. Mine are PoE and the DHCP server gives them a separate IP address subnet based on the leading characters of the MAC address.
For example, if MAC address equals AB-CD-12-xx-xx-xx (where xx is a wildcard), assign IP address from 172.16.110.1 to 199. Whenever I see 110 subnet in my network monitoring tools, I know it's a camera.
I'm not saying this is the best or only method. This is one possibility and it's working good for me.
Well, I dont see such option on the SOPHOS Firewall. I have only one VLAN for LAN network, I can add Meraki Security Camera in the same LAN network, i have no issue what IP they picked. As i will be monitoring them from the Meraki Dashboard. My only concern is that if i will put the Meraki Camera in the same VLAN of my LAN Network where i have PC/desktops etc. Will it cause any issue or problem.
@SCC yes its not best practice to have security devices on you main LAN however it will work. The only way to view footage from a Meraki camera is through the dashboard so its not as though someone can hack the camera and view its footage.
If you have an MX you could setup another VLAN and have that routing through your MX, that would be more secure.
The problem is that I have SOPHOS Firewall not MX. The other option i was thinking to put these Meraki Cameras in Management VLAN. As I have just two more switches in this VLAN and its easy for me to put these Meraki Cameras into this Management VLAN.
Hey @SCC ,
you can add a new VLAN on a SOPHOS firewall too.
It's not kind of a big deal.
So add a new VLAN on SOPHOS, set UPLINK to your Switch and configure an access port in the created VLAN for the Camera.
Putting it in the management VLAN is not a bad option as long as you can get to it from your production VLAN, you should be fine.
@SCC your Sophos firewall should support you setting up one of its interfaces as a tagged interface.