On Fri, Aug 31, 2018 at 4:49 PM, r hayman <rhayman at pureice.com> wrote: > On Thu, 2018-08-30 at 21:17 -0500, o1bigtenor wrote: > > On Thu, Aug 30, 2018 at 5:16 PM, r hayman <rhayman at pureice.com> wrote: > > Like Ioannis, I control my own LAN and isolate it from the "LAN" of the > ISP-provided device. > > I currently have an Ubiquity EdgeRouter and its WAN port is the only thing > connected to the ISP-provided device. > I set the ISP-provided device into bridge mode (if I can't I have my ISP do > it). > > When this is complete, my EdgeRouter WAN directly faces the Internet (gets > an Internet routable address). > I have the EdgeRouter set up as a DHCP server on the LAN side and have all > incoming and outgoing routes denied by default. > I add rules to allow only what I want in and out of my network. > > I also have the ability to support VLANs for IoT devices that I don't want > on my LAN - they get a separate VLAN > > Set up like this, my entire LAN operates within the LAN even when the ISP or > the WAN goes dark. > Thank you. I have some reading and then some thinking to do. Have already been looking for 2 routers (I like to carry a spare so that when one dies that I have a replacement to hand). When thinking is completed if I have questions I will be back at you. Thanking you for your assistance. Dee