Finally ditched my ISP’s router and installed my own opnsense firewall with my own Access Point. I have crowdsec running on opnsense to block attacks + adguard to block ads and malicious domains. My network is segmented between my homelab that is exposed and my AP.
Finally feels quite safe in my network 😅
Nice.
Running different SSIDs too?
I put all my IoT stuff on a dedicated 2.4-only network, VLANd it to the (pfsense) firewall which allows the VLAN trunk to be split into separate logical NICs that I apply different policies to, like no access to the internet, etc…
At the moment I only have one WiFi instance, not planning to separate yet but it could be a future upgrade since I have a few IoT devices.