new public wifi setup SG3100
-
At one of our locations we have an SG-3100. We've worked with pfsense support to help get it setup initially, but now I am working on a public wifi option (without paid pro support). This location does have 2 WAN connections (primary on WAN port and secondary on OPT port with failover in place), so I cannot use the OPT port for the wifi.
- Would VLAN be the best option to keep Public wifi traffic separate from the company network?
- If using VLAN, would it be as simple as the rules saying "block VLAN to LAN"?
- When setting it up, say I have wifi router/AP on port 2, is there a way to bind "wifi VLAN" to mvneta3 (labeled port 2 on the SG3100) or does it have to bind to the LAN?
I already setup Captive Portal and separate wifi connection at the main office location for the public/clients but that server already has 10 separate network connections that have been isolated from each other (via firewall rules already in place) so it was easier to connect public wifi to its own network port.
With the other location mentioned initially, is it essentially create the VLAN and use the same allow/block rules as the main office location?
-
You need to separate your switch Port(s) first: https://www.netgate.com/resources/videos/configuring-netgate-appliance-integrated-switches-on-pfsense-244.html
After that you can do the Setup like in your main office.
-Rico
