Creating 2 VLANS, 1 with internet, 1 without
I have a wireless network with 2 ssid's. How can I give internet to one of them and not to the other?
The network has a local web server which both ssid's need to get to.
Is there a straight forward way of doing it??
Network currently looks like this:
INTERNET -- ROUTER P0-ROUTER P1 -- Switch -- Wifi
- The router is giving out the DHCP
- The router does have another port which I'm not using at the moment.
I suppose I could create a VLAN like this:
-- ROUTER P1 (vlan1) -- Switch -- Wifi
INTERNET -- ROUTER P0 <
-- ROUTER P2 (vlan2) -- Switch -- Wifi/Hardwire
Im not 100% sure on vlans so the above may not work but its a start…
Hardware
Router - UBIQUITI Edge Router
Switch - UBIQUITI Toughswitch
Wifi - UBIQUITI Unifi UAP Pro
Any pointers??
Steve
The network has a local web server which both ssid's need to get to.
Is there a straight forward way of doing it??
Network currently looks like this:
INTERNET -- ROUTER P0-ROUTER P1 -- Switch -- Wifi
- The router is giving out the DHCP
- The router does have another port which I'm not using at the moment.
I suppose I could create a VLAN like this:
-- ROUTER P1 (vlan1) -- Switch -- Wifi
INTERNET -- ROUTER P0 <
-- ROUTER P2 (vlan2) -- Switch -- Wifi/Hardwire
Im not 100% sure on vlans so the above may not work but its a start…
Hardware
Router - UBIQUITI Edge Router
Switch - UBIQUITI Toughswitch
Wifi - UBIQUITI Unifi UAP Pro
Any pointers??
Steve
ASKER
I havent used vlans before...
I assume I add VLAN 1 to one ssid and VLAN 2 to the other.
Can you choose any numbers for the vlan?
Do I need to set any vlan number in my switch?
I assume I add VLAN 1 to one ssid and VLAN 2 to the other.
Can you choose any numbers for the vlan?
Do I need to set any vlan number in my switch?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You would also create the VLANs in your router and assign the router IPs in both vlan's. These are the gateway IPs for your WLAN subnets.
Then, just create a reject rule for all traffic in the VLAN you do not want to have internet connection, denying everything but local subnets. This should be possible with your router. (in your router, this would be "Firewall Policies" - but using the internal interface).
Is this what you wanted to know or do you need more assistance?