Cisco dual band AP541N + vlan
-
Please don't take this the wrong way but If I were you I would re-this whole thing for a number of reasons:
Oh, wonderful… Finally a network that makes sense.
-
Please don't take this the wrong way but If I were you I would re-this whole thing for a number of reasons:
additional steps - If you don't have the ability to add any more nics
Thanks very much for you reply. This look great.
However I have more WAN than I showed on my diagram.I have 3 WAN: 2 ADSL an 1 WIMAX.
I skipped WiMAX because it uses a separate network card.
I have only 3 NIC in pfsense: one is for SLM2008, one for LAN SWITCH and one for WIMAX.What do you think about this architecture:
ADSL
ADLS VLAN->SLM2008 -> PFSENSE -> SLM2008 -> LAN SWITCH
WIMAX |
| VLAN
AP541N -
Okay here is how it can be done:
1. Make VLAN 20 on Pfsense box
2. Make interface and attach it to VLAN 20 (This is called a VLAN Interface)
3. Make VLAN 20 on your SLM2008 switch and add it to your tagged port 8
4. Add VLAN 20 untagged to your port 5 of your SLM2008 switch
5. Connect 3rd Wan connection to your port 5 of your SLM2008
6. Enjoy!I guess you could use a switch as a WAN aggregate, as long as you make a new VLAN and VLAN interface for ever connection. I know some ISP's DHCP servers don't like to see the same MAC address across multiple connections, if this is the case for you then you can manually change the mac-address of your NICs (VLAN interface). Remember that every VLAN Interface is going to have the same MAC address if tied to the same physical NIC. Just go up a bit in the address of the last byte. For example if your last byte is :3F then make the next NIC (VLAN interface) :40 and you should be good. Just make sure that the port connected to your modems are untagged and the port going to Pfsense is tagged with all the VLAN members. If you follow the steps above you don't have to change anything in my drawling just add the new VLAN and VLAN Interface; connect your additional WAN and you will be good to go.
Please report back with your results.
-
One thing I forgot to mention (I assumed it), you should remove vlan 1 off the ports where you don't want it after you assign the new VLAN to it that way your WANs are on their own LAN.
-
Thanks a lot.
I considered buying another SLM2008 but I'll do it on one based on your description. -
Works perfectly.
Thanky you all. -
Cool, good stuff.
-
Hi. I have one more question.
I have two AP541 in cluster. Guest access works ok on first floor because AP541 is connected to SLM 2008 (exactly as you described).
Guest access doesn't work on 3rd floor because AP541 is connected to LAN SWITCH right now and it is obvious.
Before I will buy another SLM2008 I want to ask you if following architecure is correct.There is only one cable from first floor to third floor. There is no option to add another.
I wonder if tagged guest network will work and guest network will see pfsense interface. -
If the points that the AP541 are attached to are all VIPD set to a single VLAN they will all see each other fine as you have drawn it, as far as I can tell.
-
Yes you will be good to go. Just make sure that the SLM2008 are Tagged ports with all vlan members needed to the 3rd floor. Also not sure how far apart the Access points are but remember the only channels that don't interfere with each other are 1, 6, and 11 @ 2.4 GHz. If your switch is not MDI-X capable then you will need a cross-over cable from switchport to switchport.