Separate guest wifi network on WAP
-
Greetings -
I am trying to configure a separate network for guest wifi access on my wireless access point. I previously had this setup when my wireless device was also my router. I have now installed a new router box running pfsense and have made my wireless device a dumb access point. So I am not sure how to get this configured now.
My current hardware setup is:
PC Engines APU2C4 (pfSense router/firewall/dhcp)
192.168.123.2Trendnet TEG-S80Dg (8 port unmanaged switch)
Buffalo WZR-600DHP (LEDE 17.0 dumb AP setup)
192.168.123.4I would like to setup a separate LAN network on 192.168.234.xxx for the guest wifi access. I am trying to understand what portion of this needs to be setup on the on the pfSense box, and what parts need to be configured on the LEDE WAP. I am not that knowledgeable about VLANs, so I don't know if that is the approach that I need to take, or whether there might be a simpler approach.
Some general guidance might suffice for now, and I can get more specific questions after I understand the big picture. Thanks.
Jeff
-
You need to tag different VLANs to the AP and separate the different SSIDs/wireless networks that way.
You also need a managed, 802.1q-capable (VLAN) switch.
-
Hmm… Is this not possible without a managed VLAN capable switch? I know that pfSense can create virtual IPs. The Buffalo WAP has VLAN capability on it. And I do still have one un-used ethernet port on the APU2 box. I guess I still need more detail to understand how I would do it.
Jeff
-
Get a managed switch.
-
I appreciate the sales pitch, and I understand that you are implying that it might be easiest for me to do this if I had a managed switch, but unfortunately I don't have one and will probably not be getting one in the immediate future during the time that I am trying to understand the technical issue.
That was why I asked a specific question regarding whether this is possible without a managed VLAN capable switch?
And the fact that I like to learn about the next issue I am tackling, which your reply doesn't help me do either.
My office network doesn't use a managed switch and I have a guest network setup on our wifi there. Granted it is using a nice Ubiquiti AP and their software that makes it easy to do this. Whereas I only have my Buffalo WZR-600DHP to work with. I might be just as better off replacing the Buffalo with an Ubiquiti device, but I am not in a position to do that right now either. I also had a separate LAN Guest WIFI network when the Buffalo was also functioning as my router before installing the pfSense box. So this leads me to believe it is possible with my current hardware without purchasing new stuff.
Helpful technical information from all is appreciated. Thanks.
Jeff
-
Possible, maybe. Just because you can doesn't mean you should.
A managed switch is about $30 on Amazon. Get one.
Yes, someone can spend hours with you trying to get your convoluted configuration that you should not even be attempting working. And it will never be truly corerct since it is all going through an unmanaged switch.
You are asking a lot since the proper gear is so inexpensive.
-
" I also had a separate LAN Guest WIFI network when the Buffalo was also functioning as my router before installing the pfSense box"
Then go back to that until you can afford to get the correct hardware.. Here is the thing you had a guest network when the buffalo was your EDGE router.. Its not the edge router - it doesn't tag the guest network in a way you can use it with another router..
If your AP can tag, and you have a port on pfsense then sure you could connect your AP to this port and have multiple networks. But none of these wireless networks would be on the same L2 as your "lan" unless you bridge interfaces.. Which turns into a convoluted mess.
If you want to run multiple wifi networks then get the hardware to do that - its not expensive!! As stated a entry level switch that can do vlans is 30$ The AC lite model AP from unifi is less than 80$ This is cheaper than many soho routers…
