What's new

Guest ssid on Seperate Vlan - Unifi/Edgerouter help wanted

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Symbiot

Regular Contributor
hi



I want to set up a simple guest wifi network.
router01.png
router02.png
wifi01.png
wifi02.png
wifi03.png



1. no access to internal LAN

2. no guest logon portal or similar. Just simple password.


... pretty much it..

I have 1 AC-AP Pro connected to port 3 in the ER-X.

So all devices connected to SSID: internal_Lan should continue to work as normal lan and devices connected to Guest_lan should just have www access and nothing else.

Hoping someone will guide me.
 
This video should help.

Hi netwrks..
Thx, I did watch the video and it got me started.

I think my main problem is understanding :

How do I tell the edgerouter that it should look at eth4 for vlan tagged traffic from my guest wifi and still accept and allow traffic on eth4 from my private wifi.

from googling etc I'm seeing mentions of vifs, pvids, vids, and so on and it's not really making sense... yet...
 
You can't put your .10 VLAN on your WAN (Internet) port. So, remove the vlan on eth0. You won't be able to use port 4 with a vlan, as it attached to switch0.

You would be better off resetting the router to default.
Run WAN+2LAN2 DO NOT BRIDGE eth1 to switch0. (Eth1's default subnet is 192.168.1.1) Use eth1 as your connection to your WAP. Configure eth1 with VLAN 10. Don't forget to create a DHCP service for your .10 subnet.

Test your devices with default subnet on eth1 (192.168.1.1) then test your Guest devices on VLAN 10 - 192.168.10.1/24 Your .10 range is 192.168.10.2 - .254.
Use WPA Personal for Security - not WEP.. Switch0's default subnet is 192.168.2.1. Use ports 2-4 with the 2.1 subnet and connect other devices to it.
 
Ensure that your AP's do VLAN to SSID binding - many consumer Router/AP's converted to AP do not...

The Uni-FI's should - the one consumer Router/AP I know of off the top of my head is Apple on their Airports, where the secondary SSID is bound to VLAN1003

Also - just as a tip - keep VLAN's above 100, so one doesn't conflict with potential VLAN's internal within a device (this is general guidance, not specific to any one vendor)
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top