Wealan is a lightweight vpn for a local network.

Do you have an office with departments: accounting, marketing and IT. There is no domain, all computers are connected to one switch, i.e. to one local area network (LAN). And so the accountant wanted to transfer files between computers without getting up, they were too lazy to transfer them on flash drives, and they couldn’t work with mail much, they only knew how to drag the icon into the daddy. And they made a shared folder for them, so that they dragged the files there and everything was great with them, but the joker Vasya started up in marketing and he started to edit the files in this folder, out of boredom. Buhi began to get nervous and asked to fence off their daddy from Vasya. You decided to get by with a little bloodshed and separated the computers of accounting and marketing just by a netmask, it seemed to work. And then to Vasya, he came to visit, his friend cool-hacker Petya, poked his laptop into the network, configured the address from the accounting network and deleted the files from the daddy. The accounting department threatened you that there would be no salary until daddy was fenced. You decided to physically separate the networks, for this you had to buy a new switch, but the evil director said that he would not give money. the old switch was worth just a billion dollars. You thought, read and found out that your switch is managed and configured VLAN on it, i.e. made a virtual local area network, in one iron switch live, as it were, two others, separated. And now the salary began to drip to you again, because. Vasya can no longer get into the accounting folder, because. it is, as it were, connected to a different switch, virtual. that he won’t give money. the old switch was worth just a billion dollars. You thought, read and found out that your switch is managed and configured VLAN on it, i.e. made a virtual local area network, in one iron switch live, as it were, two others, separated. And now the salary began to drip to you again, because. Vasya can no longer get into the accounting folder, because. it is, as it were, connected to a different switch, virtual. that he won’t give money. the old switch was worth just a billion dollars. You thought, read and found out that your switch is managed and configured VLAN on it, i.e. made a virtual local area network, in one iron switch live, as it were, two others, separated. And now the salary began to drip to you again, because. Vasya can no longer get into the accounting folder, because. it is, as it were, connected to a different switch, virtual.

Respect yourself and others, spend an hour on the basic theory of how Ethernet works. And yes, it's not just a matter of security between several departments in one office, as many advise. There are also concepts of the correctness of the network, and to dig deeper, the performance of switches. However, if there is only one router and a couple of unmanaged switches, vlans are really not needed
https://m.habrahabr.ru/post/138043/

This is when you need to transfer several networks through one port so that they do not intersect. And on the next device, separate them.
For example - a large company, each department has its own network. There is a large switch on the floor and everyone is connected to it. Without vlans, each department would have to pull its own link, put a separate switch. And so one link and a switch separates the networks and distributes the necessary networks to the ports.
Vobshchem Vlan are virtual networks on one physical iron.

For example, we are a service provider, each client has his own vlan for their virtual machines, so. we don't care about their addressing and everything else, we actually physically separate them from each other at the l2 level.
This is an example of use, if you need details - go watch the "networks for the smallest" course, fortunately, it's easy to google ...