Highlighted
New Member
Posts: 7
Registered: ‎08-10-2015

UniFi AP's, Guest Network and VLANS

First I am not a LAN administrator but I have some basic concepts understood. Would someone mind giving me a general direction on how to accomplish the following scenario?

 

Current setup:

- USG (out of the box settings) default DHCP 192.168.1.1/24

- Latest Unified Controller (Mac)

- Multiple UAP-Pro's

- Unmannaged switch

- One Wireless network "Staff wireless" that uses WPA Personal

 

Desired setup:

Add a guest network to all of my UAP-Pro's. Looking to support several hundered users to connect at once diveded across many APs.

- Prevent the Guest network from communicating to computers/devices on the Staff wireless network

 

Are the following steps correct or am I off the mark?

1. I will need to use VLAN tagging to introduce a new DHCP network. The switch will need to be replaced with something that supports VLAN tagging (not model specific though)

2. I will need to configure the USG to add a VLAN and change it's firewall to prevent communication between the default 192.168.1.1/24 staff network and the new VLAN for guests?

3. I will need to assign the new VLAN to the guest wireless network in the Unified Controller wireless settings?

4. I will need to tag the ports with the new VLAN on the switch that runs to the APs?

 

Established Member
Posts: 1,558
Registered: ‎07-18-2015
Kudos: 747
Solutions: 121

Re: UniFi AP's, Guest Network and VLANS

Yup, that is all correct.

 

There is a simpler way too though which does not require a VLAN aware switch or VLAN configuration.

 

You can create a second SSID in the UniFi controller and designate it as a Guest network, and then simply block access to the local subnet. In the example, I've disabled access to the 192.168.10.0/24 network on my guest SSID.

 

guestpol.JPG

The VLAN setup is better, but this is simpler and requires no new hardware yet, so might be a useful interim measure. 

If pasting output, please use the code tags button ({i})!
Please help the community find useful posts and solutions by hitting the "Kudos" and "Accept as Solution" buttons!