![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Navigation
Install the app
How to install the app on iOS
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
More options
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
UniFi - Guest Access?
- Thread starter marley1
- Start date
Do you need any special router for UniFi if you want to have your office network and then a guest network?
Normally you would need to do a VLAN and then have another DHCP server.
you can do vlans, and a seperate dhcp network for the new vlan. I'd also make a block rule between subnets..
what router / firewall do you have ?
do you need to do vlan? thats what I am wondering.
i am wondering if all this is built into the unifi. at the site we have they dont have a router that can do vlan.
not sure how you are going to do this then, because you will be giving them access to the network if you just do a guest access, im not to sure how the unifi's work but im pretty sure they work like the rest.
What kind of firewall / router do they have then ?
YeOldeStonecat
[H]F Junkie
- Joined
- Jul 19, 2004
- Messages
- 11,330
Does the router have interfaces that can be additional LAN interfaces? I'm doing a Unify setup where I'm going to have 1x AP connected to a 2nd LAN interface on an Untangle NG-100 unit...just for guests.
YeOldeStonecat
[H]F Junkie
- Joined
- Jul 19, 2004
- Messages
- 11,330
Client Isolation mode works...within other wireless clients..but soon as the traffic leaves the AP and hits the LAN nothing can police it so it can find other nodes on the switch. True client AP with wireless with smaller biz stuff needs to be done from wireless built in a router. Or on higher end wireless controllers that are fed from anutter VLAN. At least AFAIK.
I had one at the office for a month or so, but it got put to use elsewhere...so we don't run them at our office. Got some at clients though, working well....but setup with traditional LAN access. The one I'm doing with Untangle will be the first one truely for guests at a client..I'm sure that will work fine though since it's going to a dedicated Untangle interface.
I had one at the office for a month or so, but it got put to use elsewhere...so we don't run them at our office. Got some at clients though, working well....but setup with traditional LAN access. The one I'm doing with Untangle will be the first one truely for guests at a client..I'm sure that will work fine though since it's going to a dedicated Untangle interface.
Client Isolation mode works...within other wireless clients..but soon as the traffic leaves the AP and hits the LAN nothing can police it so it can find other nodes on the switch. True client AP with wireless with smaller biz stuff needs to be done from wireless built in a router. Or on higher end wireless controllers that are fed from anutter VLAN. At least AFAIK.
I had one at the office for a month or so, but it got put to use elsewhere...so we don't run them at our office. Got some at clients though, working well....but setup with traditional LAN access. The one I'm doing with Untangle will be the first one truely for guests at a client..I'm sure that will work fine though since it's going to a dedicated Untangle interface.
Exactly how I have mine set-up,
Port one Lan
port 2 wireless AP with different subnet & rules to see certain things like printer on LAN network, all other things blocked, and only allowed OUT to the WWW...
Only thing i think is stupid with Untangle is, if yu have 2 NIC ports and add in another, it becomes DMZ, so to get a second port you need to add in two ports..
Good thing PCI & PCIE dp cards are cheap..
On the Unifi you can apply guest policies. Basically you'll get an IP from the same DHCP server as everyone else, but you cannot access or even ping anything on the network when it's enabled.
Or you can go with VLAN route and multiple DHCP servers which works really well. That's how mine is setup at home with 4 VLANs just for wireless to give me guest access, internal network, and two test networks with different Public IPs.
Or you can go with VLAN route and multiple DHCP servers which works really well. That's how mine is setup at home with 4 VLANs just for wireless to give me guest access, internal network, and two test networks with different Public IPs.
On the Unifi you can apply guest policies. Basically you'll get an IP from the same DHCP server as everyone else, but you cannot access or even ping anything on the network when it's enabled.
Or you can go with VLAN route and multiple DHCP servers which works really well. That's how mine is setup at home with 4 VLANs just for wireless to give me guest access, internal network, and two test networks with different Public IPs.
Perfect that sounds like it will do what we want. As long as the guest network cant access anything on the network. It's proposed for 6 of them
YeOldeStonecat
[H]F Junkie
- Joined
- Jul 19, 2004
- Messages
- 11,330
Only thing i think is stupid with Untangle is, if yu have 2 NIC ports and add in another, it becomes DMZ, so to get a second port you need to add in two ports.. ..
That is just a default name it assigns the port....don't let it confuse you, you can do whatever you want with it equally as if you added a 3rd or 4th interface.