VLAN on unmanaged switch?
-
Greetings all,
I am trying to accomplish a specific task and I am running into difficulties and would greatly appreciate some guidance.
My setup consists of a pfSense box, a 24 port unmanaged switch, and a WAP.
My goal is below:
- LAN on 192.168.1.0/24 with DHCP turned off and only accepting static assignments.
- OPT1 on 192.168.2.0/24 with DHCP turned on and access to the internet (but isolated from LAN).
With the above in mind, my end goal is to have any new device on my network (WiFi or cabled) automatically assigned to OPT1 with access to the internet only. Then, if necessary (and trusted), manually moved to LAN and given a static assignment.
Would I accomplish this with a VLAN? Is it even possible, or is there another way to accomplish this?
-
While it is possible to use VLANs without a managed switch, it makes things more difficult. For example, the trusted devices would have to be configured to use VLANs, but many devices can't. Also, you'd need 2 SSIDs on WiFi, with one connected to the VLAN. Managed switches can be configured to put specific MAC addresses on a VLAN, but I don't know that pfSense can. There are DHCP options to put a device on a VLAN.
-
Understood, thank you. I will explore the option of using DHCP to put devices on VLANs.
-
Don't forget, many devices don't support VLANs.
-
If you're wanting to do VLANs you're going to need a VLAN-capable switch and a VLAN-capable AP... Or you're going to need to run completely different hardware for each network... Anything else is just completely BORKED!!!
You can pick up a 24 port VLAN-capable switch off eBay for like $30... Do you really need 24 ports? You can get a 5 or 8 port smart switch to handle the VLANs and then use your 24 port switch for all the devices that are going to be on 1 VLAN...