F5F Stay Refreshed Power Users Networks Configure VLAN in PfSense for guest network isolation.

Configure VLAN in PfSense for guest network isolation.

Configure VLAN in PfSense for guest network isolation.

Pages (2): 1 2 Next
K
Kamikaze_007
Senior Member
Find
625
09-10-2016, 08:16 PM
#1
Looking at this video and your setup, I'm not sure if anyone has shared similar experiences. You mentioned connecting devices occasionally but rarely getting an IP address. It sounds like you're trying to broadcast both home and guest networks from the same access points without separate APs. Have you considered alternative methods or configurations?
Reply
Reply
K
Kamikaze_007
09-10-2016, 08:16 PM #1

Looking at this video and your setup, I'm not sure if anyone has shared similar experiences. You mentioned connecting devices occasionally but rarely getting an IP address. It sounds like you're trying to broadcast both home and guest networks from the same access points without separate APs. Have you considered alternative methods or configurations?

Reply
Reply
S
Serpenh33
Member
Find
208
09-10-2016, 08:30 PM
#2
Yes, those Unify APs can handle multiple SSIDs simultaneously. You configured a distinct VLAN in pfSense, assigned its own IP range, and on each AP, the corresponding SSID is tagged with that VLAN tag.
Reply
Reply
S
Serpenh33
09-10-2016, 08:30 PM #2

Yes, those Unify APs can handle multiple SSIDs simultaneously. You configured a distinct VLAN in pfSense, assigned its own IP range, and on each AP, the corresponding SSID is tagged with that VLAN tag.

Reply
Reply
H
HeroJimmy
Junior Member
Find
11
09-10-2016, 09:50 PM
#3
I agree, yes, and definitely. I’ll need to look into it. It seems like I’m matching what’s shown in the video.
Reply
Reply
H
HeroJimmy
09-10-2016, 09:50 PM #3

I agree, yes, and definitely. I’ll need to look into it. It seems like I’m matching what’s shown in the video.

Reply
Reply
D
DanTDM_2007
Member
Find
146
09-10-2016, 10:02 PM
#4
You're interpreting the setup correctly. As long as the guest interface is properly configured in pfSense and the guest Wi-Fi is assigned to the right VLAN on the Unify AP, it should function. Your approach of using a managed switch with a separate router for the guest gives you more control. Comparing setups, your configuration seems sound—just ensure the ports are tagged appropriately for security. On pfSense, firewall rules differ between VLANs, but you can block unwanted traffic while allowing necessary communication. Since the AP supports VLAN IDs, matching the interface settings should resolve compatibility issues. You might want to reboot pfSense if needed to finalize DHCP assignments.
Reply
Reply
D
DanTDM_2007
09-10-2016, 10:02 PM #4

You're interpreting the setup correctly. As long as the guest interface is properly configured in pfSense and the guest Wi-Fi is assigned to the right VLAN on the Unify AP, it should function. Your approach of using a managed switch with a separate router for the guest gives you more control. Comparing setups, your configuration seems sound—just ensure the ports are tagged appropriately for security. On pfSense, firewall rules differ between VLANs, but you can block unwanted traffic while allowing necessary communication. Since the AP supports VLAN IDs, matching the interface settings should resolve compatibility issues. You might want to reboot pfSense if needed to finalize DHCP assignments.

Reply
Reply
S
snakers28
Junior Member
Find
25
09-11-2016, 10:52 PM
#5
I don't get how it functions properly. I have a separate VLAN in PfSense for the wireless network, but sometimes it works occasionally and other times it fails completely. It displays the network wirelessly and accepts users, yet it doesn't provide IP addresses. This seems unusual. Maybe I should consider setting up a more affordable AP just for guest access?
Reply
Reply
S
snakers28
09-11-2016, 10:52 PM #5

I don't get how it functions properly. I have a separate VLAN in PfSense for the wireless network, but sometimes it works occasionally and other times it fails completely. It displays the network wirelessly and accepts users, yet it doesn't provide IP addresses. This seems unusual. Maybe I should consider setting up a more affordable AP just for guest access?

Reply
Reply
_
_Hundred
Member
Find
51
09-12-2016, 03:49 AM
#6
This decision came from a mix of experience and a few learning moments. Even with a CompTIA certification, I felt confident enough to handle the setup this way. The only hiccup was adjusting the VLAN configuration for the managed switch—specifically, the guest Wi-Fi AP needed to connect to the main VLAN. I had to change the port settings carefully, tagging it on VLAN 1 and untagged on VLAN 2, which took a few hours of troubleshooting.
Reply
Reply
_
_Hundred
09-12-2016, 03:49 AM #6

This decision came from a mix of experience and a few learning moments. Even with a CompTIA certification, I felt confident enough to handle the setup this way. The only hiccup was adjusting the VLAN configuration for the managed switch—specifically, the guest Wi-Fi AP needed to connect to the main VLAN. I had to change the port settings carefully, tagging it on VLAN 1 and untagged on VLAN 2, which took a few hours of troubleshooting.

Reply
Reply
S
SrKaner
Member
Find
222
09-13-2016, 10:54 PM
#7
I believe I understood the setup now. My PfSense device is located in the basement. The network connects to an 8-port switch that wasn’t managed before. I considered linking the AP directly to my Ethernet port, which did allow the guest network to function. Then I installed a managed switch upstairs and experimented with its ports, discovering the guest network was active while the managed switch remained unchanged. Up until now, the APs have operated perfectly across all areas. I’m planning to record a video to clarify this process, though I’m confident it will work as expected. My thought is that the unmanaged switches didn’t recognize my VLANs, even though the managed one handled PfSense’s VLANs.
Reply
Reply
S
SrKaner
09-13-2016, 10:54 PM #7

I believe I understood the setup now. My PfSense device is located in the basement. The network connects to an 8-port switch that wasn’t managed before. I considered linking the AP directly to my Ethernet port, which did allow the guest network to function. Then I installed a managed switch upstairs and experimented with its ports, discovering the guest network was active while the managed switch remained unchanged. Up until now, the APs have operated perfectly across all areas. I’m planning to record a video to clarify this process, though I’m confident it will work as expected. My thought is that the unmanaged switches didn’t recognize my VLANs, even though the managed one handled PfSense’s VLANs.

Reply
Reply
S
Supernova4242
Member
Find
110
09-14-2016, 01:26 AM
#8
It makes sense. Unmanaged switches likely can't interpret VLAN tags, so those tags probably aren't recognized.
Reply
Reply
S
Supernova4242
09-14-2016, 01:26 AM #8

It makes sense. Unmanaged switches likely can't interpret VLAN tags, so those tags probably aren't recognized.

Reply
Reply
S
Strikerxs2
Member
Find
168
09-14-2016, 06:42 AM
#9
They can't see them, but it seems they should still move through traffic safely without touching the signs. Likely just had bad luck with a model that doesn't work.
Reply
Reply
S
Strikerxs2
09-14-2016, 06:42 AM #9

They can't see them, but it seems they should still move through traffic safely without touching the signs. Likely just had bad luck with a model that doesn't work.

Reply
Reply
B
Blogging
Member
Find
59
09-14-2016, 09:18 AM
#10
I bought some Netgear products at a discount during Black Friday a while ago. I believe I spent around five dollars per item...hehe.
Reply
Reply
B
Blogging
09-14-2016, 09:18 AM #10

I bought some Netgear products at a discount during Black Friday a while ago. I believe I spent around five dollars per item...hehe.

Reply
Reply
Pages (2): 1 2 Next