r300 vlan without ZD

  • 2
  • Question
  • Updated 2 years ago
Hi i am deploying (3) R300 access points without the zone director. We would like to run the wireless on a different Ip range as the wired lan and not have the wireless clients able to connect to any resources on the wired lan. is that possible with only the access points?

Thank you.
Photo of Lushano Johnson

Lushano Johnson

  • 4 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 2
Photo of Monnat Systems

Monnat Systems, AlphaDog

  • 776 Posts
  • 163 Reply Likes
Hi.

Both things are possible without controller however you would need a L3 switch. L3 switch would help you create VLAN's which will segment your WIFI network away from your LAN.

VLAN created on L3 switch need to be tagged on WLAN's on the AP to make your requirements getting fulfilled...
Photo of Lushano Johnson

Lushano Johnson

  • 4 Posts
  • 0 Reply Likes
thank you for the response. i setup the access points using the option for the separate subnet and dhcp so the wireless clients are receiving ip addresses that are different from the lan range but in testing i am still able to reach the lan from a wireless client. The access points are connected to a net gear ProSafe FS728TPv2. do you know if that is an L3 switch and can it do what i need?
Photo of Sean

Sean

  • 346 Posts
  • 88 Reply Likes
You dont need a Layer 3 switch as this can be done via VLAN's which are Layer 2

You can seperate client and management access by changing the wan ip address on the AP.

Prior to setting the IP address on the WAN make sure that port on the AP that is connected to the switch is set to trunk:
set interface eth0 type vlan-trunk untag 1
Note: it may be eth2 if its a 7363

IP Address Commands
set ipaddr wan vlan 10 dynamic
or
set ipaddr wan vlan 10 10.10.10.2 255.255.254.0 10.10.10.1
Then for client traffic just adjust the access VLAN in the WLAN config.

Note:the ports facing the AP's, and the uplink ports between switches, need to be set to trunk (tagged frames), and allow the VLAN's for both MGMT and client traffic.

Good Luck
(Edited)
Photo of Lushano Johnson

Lushano Johnson

  • 4 Posts
  • 0 Reply Likes
Hello Sean thank you for the reply. I tired the setup with my netgear switch based on your instructions and once I do I cannot connect to the Internet. I already had the separate subnet setup in the access point so my wireless clients are receiving alternate ip addresses apart from the lan but like I said when I tried following the instructions they could no longer reach the Internet. Is it possible a step may be missing?

Thank you
Photo of Sean

Sean

  • 346 Posts
  • 88 Reply Likes
Is your topology is like this:

Photo of Lushano Johnson

Lushano Johnson

  • 4 Posts
  • 0 Reply Likes

Sorry not exactly no.

I have the R300 Access point(one port) connected to--> netgear switch which is connected to another netgear switch that servers, pcs,  sonicwall etc are on and the sonicwall connects to the internet service

Photo of Sean

Sean

  • 346 Posts
  • 88 Reply Likes
Log in to an AP via the cli and post the output from the following commands:
get interface
and
get ipaddr wan