Help needed with home network setup (private/rental separation)

Jan 30, 2019
I need some advice as how to set up a good network for my house and rental apartment. The main concern is to split the traffic from my private network and the unit I rent out in the basement, but I would also like to increase reception of private wifi in basement and my outside patio. I've been an IT consultant for the past 15 years, but network have never been my strongest area.

- The house is 3 stories high (basement, first floor and second floor)
- The internet cable enters to a router in the upper floor (can't change this)
- The router runs a 2.4 and 5G Wifi network for private connections. The connection are poor/absent in the basement and back yard. Not ideal.
- I've got a wired connection from the top floor router to a switch (TV rack with several components), down to the first floor for the office (via another switch), then to my basement and another switch, NAS etc.
- The rental unit get internet via this basement switch and a Linksys router with a 2.4G wifi network.

I've been looking into mesh devices, I could use two devices (one near the router in second floor and one in basement) to get full coverage. I could probably also just have ONE accesspoint in the middle of the house to get full coverage. The main problem is this rental unit. I need to get that traffic to go directly to the router and out on the internet. Not in my private network. I could go for VLAN on my network. Just have to change one switch to do it. But it creates more work and maintenance.

What are my options here? Are there any mesh devices that can handle strong separation between two networks, and that works with routing traffic through my ISP delivered router?
Any help and ideas would be appreciated!


You want a single point of convergence if possible. Your primary router. A primary router that can support VLANs would provide the most security. A dedicated wired connection to an access point in the rental would provide maximum segregation.

Some WIFI hardware can have multiple SSIDs and tag each SSID with a VLAN tag. If you have a fully VLAN capable infrastructure (switches, router, etc) then you could implement something like that. The small business type hardware like Ubiquiti can support that feature.