Link to home
Start Free TrialLog in
Avatar of hypercube
hypercubeFlag for United States of America

asked on

WiFi Routers with Guest Network capability

I've run into some issues lately that tell me I don't understand "Guest" WiFi capabilities.  i.e. what's common in commodity routers?

My mental model of the simplest WiFi router would be:
A switch which has the LAN ports connected to it and at least one WiFi "radio" connected to it.
A WAN port which is isolated by a "processor" providing interfacing to the LAN via NAT, etc.

But the model is less clear to me when there's a Guest SSID.  Here are some ideas:

The Guest network is on a VLAN that shares the same "radio" but with a separate SSID.  This means it's always on the same channel and the SSIDs time share the channel.  

In some cases, the Guest network is on a real VLAN with a different subnet.
In other cases, the Guest network is on the same subnet as the "main" SSID and the IP addresses are kept segmented / isolated (or not if so chosen).

The Guest network is on a "VLAN" that uses a different "radio" / different channel and different subnet and is (more?) likely to be isolated (or not if so chosen).

I have no idea why one would select to set up a Guest network and then share it with the main network..... :-o

What's your: Experience?  Mental model?  Beliefs?  Understanding?

Today's case study:

A simple network with 2 Mac Pro computers and an HP  Laserjet Pro 8600 Printer.  All are connected via WiFi to a Netgear WNDR4300 router.
The router is in the office of an Inn and has a Guest network capability - so I set it up.  So there are now two SSIDs: INN and GUEST.
To keep the guest information unchanged, we gave the Guest network the same NETGEAR SSID and passphrase as the main network had been using and (first) renamed the SSID for the main network.

The Macs didn't necessarily even "see" the new main network SSID "INN".
The printer didn't either.
Eventually I got it all working but, as a test, rebooted the printer.  It reverted to connecting to the SSID for the Guest network and was isolated.
Finally, I gave up on the Guest network all together and, after rebooting the router, everything is back to normal.

My conclusion in this case was that the channels were being shared - as there was no channel selection provided for the Guest network at all.  And, this caused the various devices to be confused re: SSIDs, channels, etc.  In turn, *they* confused me!

Open in new window

SOLUTION
Avatar of John
John
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Sandeep Gupta
Sandeep Gupta
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of hypercube

ASKER

John Hurst:  I'm sure that I responded but this was one of those that seems to have disappeared!  
Thanks for the information.  This sounds much like what I've seen in various routers including Engenius and Ubiquity.

Sandeep:  Well maybe I was a little loose with the terminology in my descriptions.  But, yes, I understand the difference.  It's not guaranteed that Guest and Main are on separate VLANS in the sense of separate SUBNETS.  For example, a DHCP server might provide addresses in the same subnet to both Guest and Main and the router will keep those addresses isolated.  I was just looking at this yesterday just before I wrote this question.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I just set up a VLAN here. My working network is on the 100 subnet and all is working and accessible.

I set up the default VLAN Number 25 on my Cisco RV 325 router and the first default VLAN is on subnet 2.

I have a computer hooked up on subnet 2 and it cannot see any resources on subnet 100 at all.

I can see (ping) but not access anything.
John Hurst:  The RV325 doesn't appear to be a router with WiFi capability.  I'm trying to understand what variations exist in routers with WiFi capability.  There's a good reason for that.  If one expects a WiFi router to have more or less "standard" behavior (and it doesn't) then time is lost and reputation may suffer.
The RV325 does not have Wi-Fi but:

1. It supports good VLAN's.
2. You can add a Wi-Fi router to it - I do this.

Or you can use a Cisco RV Wi-Fi router that supports VLANs. The Cisco RV220W does support VLAN's but I think newer Cisco models do as well.
John Hurst:  Yes I could add an access point to some router with the needed capabilities if I were trying to solve an application problem directly.  My question here was directed at knowing better what to expect from a range of products that appear to "offer the same thing".  They don't.  It's not good to get caught in the middle of a minor implementation and be stuck by some unexpected product behavior or lack of capability.
I have a nice VLAN running on my RV 325 and the Cisco Wireless will do the same thing.
The issue here isn't whether I know how to do the various configurations.  The issue is what variations might we expect to find amongst various commodity WiFi routers?  I asked this because I was surprised at what I found.  So, I proposed some models that might help categorize WiFi routers.  I've not heard anything that confirms that popular WiFi routers fall into which model context.  

If you don't like the model outline then please suggest another.

So, to be a qualified responder, it seems you would know of one or more WiFi routers and be able to say something about how they're implemented internally or functionally.  And, you'd be willing to share what you know.  I have no doubt that many things do work and that many different network configurations do work.  At the same time, our assumptions about what we may encounter at an installed site could be troublesome.
Maybe nobody really knows how these things work and just luck out with good intuition.
I'm not trying to solve a specific problem.
I'm trying to understand what to expect from various products.  What variations are there?  I've worked with quite a number of them but probably didn't understand what I was dealing with.
Part of the problem no doubt is that terminology varies from manufacturer to manufacturer.

In the case I started with as an example, devices were seeing one SSID and not the other.  I still don't understand WHY this would be.  I gave some prospective descriptions to get the ball rolling but that seems to have failed in generating a dialog.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
masnrock: Thanks for the comment.  I'm sure that must be the case.  Not to argue: I would say that simply isolated from other hosts is the definition of a VLAN or even multiples of VLANs.  Isn't that right?
Thanks all