Snouto
Occasional Visitor
Hi
Total network noob here looking for some expert advice. I require a small network consisting of an iPad with cellular and connected to a local WiFi access point, an air printer connected to the same access point, and one or more mobile phones from joe public connecting periodically to the same access point.
I require the iPad to be able to print to the air printer, however the public devices should not be able to see it.
After discussing with several people I was initially led to believe an L2 managed switch like those supplied by TP-Link would do the job, such that I’d create three VLANS where the iPad would be in one, the printer in another, and all the public devices to the third. The only hardwired device to the switch would be the AP. Then by magic I’d allow vlans 1&2 and 1&3 to communicate, but not 2&3 thereby preventing public device access to the printer. FYI if it matters, the public devices would be connecting to an embedded web server in a custom app running on the iPad via an IP address and port 8080 (the port number might be changeable though). At this point I’m assuming they’re all on the same subnet until I’m told otherwise.
Today I was advised by someone unconnected to tp-link that this was crap and wouldn’t work without an L3 switch because L2 switches can’t route between VLANS, and additionally I’d need the switch to handle DHCP. I was told to look at Cisco and Ubiquiti gear and give tp-link the big swerve, and thus I’ve arrived at the Cisco SG300-10.
I’d also apparently only need two VLANS - one for the iPad and printer, the other for public devices.
I’m about to buy this switch in a few hours and fumble my way through the config as a test of the network but I have questions:
1) is this a crazy plan or might it just succeed?
2) do I really need an L3 switch for my requirements?
3) will I need a VLAN aware access point to provide WiFi to the devices or will any old AP do? Maybe something like Tp-Link TL-WA801ND which can do multi SSID with VLAN tagging?
4) two or three VLANS? I can see the logic of binding the iPad and printer to the same VLAN but if I allow vlan2 to see the iPad in VLAN 1 wouldn’t that effectively open up the printer too?
5) Apple Bonjour is apparently a tricky beast. Is there anything in my plan that might be foiled by Bonjour, with the end result being the printer is visible to public devices?
6) the sg300-10 has ten ports and I need 1. Any other smaller, cheaper but just as useful switches out there?
I hope someone can hit me with some knowledge, because if isn’t clear enough already, I don’t know what the hell I’m doing.
Cheers!
Total network noob here looking for some expert advice. I require a small network consisting of an iPad with cellular and connected to a local WiFi access point, an air printer connected to the same access point, and one or more mobile phones from joe public connecting periodically to the same access point.
I require the iPad to be able to print to the air printer, however the public devices should not be able to see it.
After discussing with several people I was initially led to believe an L2 managed switch like those supplied by TP-Link would do the job, such that I’d create three VLANS where the iPad would be in one, the printer in another, and all the public devices to the third. The only hardwired device to the switch would be the AP. Then by magic I’d allow vlans 1&2 and 1&3 to communicate, but not 2&3 thereby preventing public device access to the printer. FYI if it matters, the public devices would be connecting to an embedded web server in a custom app running on the iPad via an IP address and port 8080 (the port number might be changeable though). At this point I’m assuming they’re all on the same subnet until I’m told otherwise.
Today I was advised by someone unconnected to tp-link that this was crap and wouldn’t work without an L3 switch because L2 switches can’t route between VLANS, and additionally I’d need the switch to handle DHCP. I was told to look at Cisco and Ubiquiti gear and give tp-link the big swerve, and thus I’ve arrived at the Cisco SG300-10.
I’d also apparently only need two VLANS - one for the iPad and printer, the other for public devices.
I’m about to buy this switch in a few hours and fumble my way through the config as a test of the network but I have questions:
1) is this a crazy plan or might it just succeed?
2) do I really need an L3 switch for my requirements?
3) will I need a VLAN aware access point to provide WiFi to the devices or will any old AP do? Maybe something like Tp-Link TL-WA801ND which can do multi SSID with VLAN tagging?
4) two or three VLANS? I can see the logic of binding the iPad and printer to the same VLAN but if I allow vlan2 to see the iPad in VLAN 1 wouldn’t that effectively open up the printer too?
5) Apple Bonjour is apparently a tricky beast. Is there anything in my plan that might be foiled by Bonjour, with the end result being the printer is visible to public devices?
6) the sg300-10 has ten ports and I need 1. Any other smaller, cheaper but just as useful switches out there?
I hope someone can hit me with some knowledge, because if isn’t clear enough already, I don’t know what the hell I’m doing.
Cheers!
Last edited:
I can see the wifi SSID in the list but my mac just wont connect.
