Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1565
Views
0
Helpful
4
Replies

public WIFI settings on company LAN

shawn.tucker
Level 1
Level 1

‎12-14-2010 09:56 AM

I'm trying to setup our system to provide clients/customers/vendors to have wifi access on our network, but keep them separated from our corporate LAN. I have two WAP4410N WAPs, an RV016 as the main router, and 3 SRW224G4P switches for the network. What I don't know is how to set everything up correctly to provide a secure connection for our users, but also have a separate network available to clients/customers. While I set the system up, I'm not a network admin nor do I have any formal training, so plain english please.

Labels:
0 Helpful
4 Replies 4

David Carr
Level 6
Level 6

‎12-15-2010 06:35 AM

Mr. Tucker,


If your going to use the rv016 for this setup its going to be tricky.  The reason is, you have to separate the ssid's via vlan and the rv016 doesn't support vlans.


You might need to get a router that will support vlans or a layer 3 switch with a dhcp server to accomplish this.  Once you do this, you can restrict the access of one network to the other by access list.

0 Helpful

shawn.tucker
Level 1
Level 1
In response to David Carr

‎12-15-2010 06:55 AM

The RV016 will do VLANs. Check the documentation for it.

0 Helpful

David Carr
Level 6
Level 6
In response to shawn.tucker

‎12-15-2010 07:45 AM

It does port base vlans on the device.  Its not like the wrvs4400n which supports up to 4 vlans on the device.


The rv016 supports multiple subnets and will act as the gateway for those subnets, but does not do dhcp for them and it will allow all traffic between the networks.  You have to create access rules to deny traffic between the networks.


But port base and Actually supporting the vlans tagging are two different things.

0 Helpful

David Carr
Level 6
Level 6
In response to David Carr

‎12-15-2010 07:56 AM

To better clarify, Mr. Tucker, you will need a trunk port from the router to do multiple ssids for the vlans.  You might could set this up with a layer 3 switch, create the vlans on the switch and have a trunk going to the wap4410n.  Then setup a dhcp server for the vlans so they can get an ip address and make the switch be the gateway for the vlans. 


Then create a default route to the router for internet traffic, and create routes back from the router to the switch for the different networks you have behind the switch.


Then to restrict access between the networks setup an access list deny the two networks from communicating to each other.


If you had a router that could handle vlans, you could just setup a trunk for the vlans and turn off inter-vlan routing on the router and it would work easier.

0 Helpful
Customers Also Viewed These Support Documents