I am helping to setup a network in our condo building to share a new AT&T Fiber internet line. The condo building has 28 units, each with a single CAT5 to the building's communication closet. Objectives are to share the internet line but not allow the condos to see each other on the network. There are no routing requirements between condos.
AT&T Router which we can't touch other than WAN port
(2) Dell PowerConnect 3548 level 2 switches
Various old Linksys and Netgear routers
Since each unit has only one CAT5, my plan is to label each CAT5 with the unit number and an assgined port. That port would then be part of a static (port based) VLAN. EXAMPLE: Condo #201 is plugged into Port 1. Port 1 has a PVID of 201 and belongs to VLAN 201. The ports are currently setup as type GENERAL and Untagged
Then I hit a snag. I had planned to use a trunk from the switch to the router and use SubNet/VLAN assignments in the Router. But the routers I have do not support VLANs and our HOA budget is limited.
So, here is what I am thinking. Create another static VLAN called "NETWORK" assigned to the gigabit port G4. All of the Condos will be part of their own VLAN <and> part of the "NETWORK" VLAN. Everything set to Untagged. I believe this should share the internet, puts everyone on the same Subnet, and I can use the Router for DHCP assignment.
QUESTION: Because the Condos are in their own VLAN, I don't think they will be able able to see other Condos even though they are on the same subnet. Correct?
QUESTION: Many of the Condo owners will hang their own personal router off of the CAT 5 in their condo. I expect they are all SoHo routers in the 192.168.#.# range. Any issues with this? Wondering if the single subnet will cause an issue.