After I set up VLANs on my home network, I quickly noticed that I could not access the web administration page on my TP-Link T2600G-28TS L2 managed switch (affiliate link) from a different VLAN, even though I had allowed access for my PC via a firewall rule. I could access the web admin page of the switch from the same VLAN (the default VLAN1), so I knew the switch was functioning properly.
When I initially created VLANs on my UniFi wireless access points, I was still new to VLANs in general, and I was not quite sure how to configure my network switch. I wanted to join my wired and wireless devices together on several different VLANs for various purposes (IoT network, guest network, security camera network, etc.).
Setting up VLANs on a TP-Link switch is not too difficult once you understand how VLANs work.
I purchased the budget-friendly TP-Link T2600G-28TS L2 managed switch (affiliate link) for my home network since I wanted to be able to segregate the devices on my network to help address the security concerns of hosting public services and using various IoT devices. (A word of caution: if you are a married man, you may have a desire to accomplish this task without frustrating your wife by adding unnecessary complexity or by excessive network outages while you are building out your network.)
Network port isolation is one way you can restrict communication between network devices. You can restrict certain PCs from accessing your server, for instance, or you may even prevent certain devices from accessing the Internet by blocking communication with the switch port connected to your router.
Port isolation may be used to increase the security of your IoT devices by only allowing access to the port connected to your router.
Many home networks use an all-in-one network device provided by the user's Internet Service Provider (ISP). For ease of setup and use, ISPs typically include or lease this equipment by default when users order Internet service. These all-in-one devices are essentially a combination of a modem, router, switch, firewall, and wireless access point. They can also include VoIP (Voice over IP), home security, and cable TV services.