aaron_ruppert's profile

3 Messages

 • 

90 Points

Wed, Jul 12, 2017 1:49 PM

Retirement community with 1200+ residents. How can we setup individual "networks" without 1200+ SSIDS?

the goal is to have joe smith print to the printer in his apartment from anywhere on campus. or allow him to use his phone to control his tv.  etc. 

We use radius for corporate devices with a single SSID, works great.

For our residents we have a seperate SSID. Another seperate for guests. 

if we use radius we can assign Vlans to each resident.  What would be the onboarding process for their devices? What is the maximum number of VLANs this could support?

Would we need to create an NPS policy for each user?  Is this a good use case for CLoudpath?

 I'm trying to wrap my head around this and am probably missing something simple. I appreciate any help or clarification you can provide.
Brand User

Former Employee

 • 

2.6K Messages

 • 

44.8K Points

5 y ago

Do you ever talk to the folks you bought your equipment from?  Detailed design questions and products to meet CU needs are what your VARs are there for, and whom we'd like to to contact please.

3 Messages

 • 

90 Points

Yes, but I like to have some ideas beforehand so both they and I can be prepared. thanks!

24 Messages

 • 

320 Points

5 y ago

Why don't you make a Vlan for corporate users and a Vlan for guest and students.

You can then allow students and guest only access to the internet and corporate users access to the printers, servers and internet.


Our college environment is setup in the fashion and it works flawlessly:

Aps are on default vlan 1 with all the switches and same IP range.

We have 3 SSID  Corporate Wifi, Guest Wifi & Student Wifi

Corporate Wifi is for example vlan 2

Guest and Student SSID is for example VLAN 3

Our corporate users don't have to enter in a passkey for wireless as we are using radius server 2008r2 and their pcs have to be part of the domain computers group.

The guest ssid uses the guest feature of the zonecontroller and we generate 1 key once a week for guests.

The student ssid uses captive portal authenticating via their AD credentials on their domain controller.

Vlan 3 is blocked from seeing any other vlans on the main core switch so they only have access to internet.


Regards,


Shaun

24 Messages

 • 

320 Points

5 y ago

Apologies I misunderstood your question completely. Seems you want each resident to have their own vlan. That's a bit hectic I would say. There is a feature to block clients communicating on the same vlan. That might help in this scenario.

3 Messages

 • 

90 Points

5 y ago

the goal is to allow residents to print to their wireless printer from their ipad,or use their amazon echo to interact with other devices,etc. while still isolating them from everyone else. Client isolation kills this ability. I think I'm leaning to just using D-PSK with Vlan assigned to the users.  Unfortunately this would require a ton of DHCP scopes to be created and a lot of switch configuration to create the vlans. 

3 Messages

 • 

82 Points

5 y ago

You need an add on device - check out RG Nets.

24 Messages

 • 

320 Points

5 y ago

Wow I see what you are wanting to do. Basically have a private network for each individual household.. To be honest I haven't carried out a configuration of that kind. One way like you say is to create vlans but that's a TON of vlans. I would also like to know what a viable solution would be to carry this out.


Regards,

Shaun

Important Announcement