Securifi Community Forum

Securifi Products => Almond+ => Topic started by: tysonkam on August 21, 2015, 08:50:17 am

Title: Guest Network not working in AP mode
Post by: tysonkam on August 21, 2015, 08:50:17 am

I just tried using the guest network function for the first time (R80 and in AP mode) and when I appear to be activating it in the webUI, the network never appears to be active. Any trick to turning it on?

Title: Re: Guest Network not working in AP mode
Post by: Ashok on August 21, 2015, 10:33:54 am

@ tysonkam,

Can you try the same from LCD UI and let us know the status. Also, are you enabling 2.4 GHz or 5 GHz guest network?

Title: Re: Guest Network not working in AP mode
Post by: tysonkam on August 21, 2015, 01:06:41 pm

Thanks much, Ashok.

I just tried turning on and off and rebooting both the 2.4 and 5GHz modes from the LCD and still doesn't seem to work. I tried manually entering the guest ssid into two different devices, and I can't find the guest networks.

Title: Re: Guest Network not working in AP mode
Post by: razzfazz on August 21, 2015, 03:13:39 pm

In AP mode, what would you expect the guest network to actually do? Seeing as how A+ still doesn't seem to support VLAN tagging, it seems like all it could do in AP mode is just connect the guest networks straight to your wired network, just like the non-guest ones!?

Title: Re: Guest Network not working in AP mode
Post by: tysonkam on August 22, 2015, 08:36:11 pm

Thanks for the sarcasm as I was looking for help; real classy. I figured out the limitations of guest network function in AP mode.

A product suggestion might be to disable the guest network function in AP mode.

Title: Re: Guest Network not working in AP mode
Post by: Automate on August 22, 2015, 10:41:17 pm

Quote from: razzfazz on August 21, 2015, 03:13:39 pm

In AP mode, what would you expect the guest network to actually do? Seeing as how A+ still doesn't seem to support VLAN tagging, it seems like all it could do in AP mode is just connect the guest networks straight to your wired network, just like the non-guest ones!?

A guest network on an AP should only allow packets to and from the default gateway.  Traffic to and from any other IP address on the local LAN should be blocked.

Title: Re: Guest Network not working in AP mode
Post by: razzfazz on August 23, 2015, 02:03:02 am

Quote from: tysonkam on August 22, 2015, 08:36:11 pm

Thanks for the sarcasm as I was looking for help; real classy.

Is that directed at me? No sarcasm was intended -- I was just curious what you thought the behavior should be in this mode; it's certainly not obvious.

Title: Re: Guest Network not working in AP mode
Post by: razzfazz on August 23, 2015, 02:13:55 am

Quote from: Automate on August 22, 2015, 10:41:17 pm

A guest network on an AP should only allow packets to and from the default gateway.  Traffic to and from any other IP address on the local LAN should be blocked.

The problem is that in AP mode, the A+ basically acts like an Ethernet bridge between the LAN and the WLAN; no IP addresses are involved in layer 2 forwarding (which is based on MACs), so filtering based on IP addresses isn't feasible. Other devices (e.g. AirPort) provide isolation in AP mode by putting the WLAN on a separate VLAN (which is an L2 construct) from the LAN, but the A+ still doesn't support VLAN tagging.