UBNT EdgeRouter LAN Config Issue
-
I guess the confusing part for me, is from my point of view, I'm trying to figure out why would I need all 4 of the LANS there on the router? I assume this is so the router can see between each network and route.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
So when I reset the Guest Wifi just only include 10.10.4.1 and when I need more space, just switch from /24 to /22 as need permits.
Correct.
Depending on how you setup the guest network, you'll need to have it set to use the correct VLAN. This can be one at the SSID level on the controller. -
Not using it but if this would lessen the burden, I would go ahead and get it done now vs waiting for it to fall in my pants months down the road lol.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
I guess the confusing part for me, is from my point of view, I'm trying to figure out why would I need all 4 of the LANS there on the router? I assume this is so the router can see between each network and route.
It's because you don't want to break what you have today.
-
GOTCHA!
So what should have occured originally was, when the router was configured, it should have only included the 10.10.0.1 gateway for the eth1 interface. Then from the Windows Server, when setting up the scope, each scope should have been spelled out as 10.10.0.1 - 10.10.3.254 then I could have came back and made one more scope to only be 10.10.4.1 through 10.10.4.254 (just for guest wifi).
-
@dashrender said in UBNT EdgeRouter LAN Config Issue:
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
I guess the confusing part for me, is from my point of view, I'm trying to figure out why would I need all 4 of the LANS there on the router? I assume this is so the router can see between each network and route.
It's because you don't want to break what you have today.
Correct. This design I laid out is a swing migration design.
It lets everything work as it currently functions throughout the entire process.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
GOTCHA!
So what should have occured originally was, when the router was configured, it should have only included the 10.10.0.1 gateway for the eth1 interface. Then from the Windows Server, when setting up the scope, each scope should have been spelled out as 10.10.0.1 - 10.10.3.254 then I could have came back and made one more scope to only be 10.10.4.1 through 10.10.4.254 (just for guest wifi).
Correct, but that said - I wouldn't use Windows to give DHCP to your Guest network for a few reasons:
- you'd have to allow traffic from the guest network onto the production network so the Windows Server could answer those requests, or you'd have to dual zone the Windows server into both networks.
- Any device you provide DHCP or DNS services to, you have to have a CAL for. This gets expensive fast.
Instead, I'd enable DHCP on the ER for that network. No licenses required, everything stays completely separate.
-
@dashrender said in UBNT EdgeRouter LAN Config Issue:
ired, everything stays completely separa
I wouldn't have a license issue either way, I have DC but your right that would mean I would have fun to deal with. I wasn't intending for the guest WIFi to be on windows anyways, I use the same wifi at home it's just easier to keep up with it on the ubiquiti.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
@dashrender said in UBNT EdgeRouter LAN Config Issue:
ired, everything stays completely separa
I wouldn't have a license issue either way, I have DC
Huh? What does DC mean or have to do with licensing? If you're talking about Windows Server DataCenter edition - that only covers the VMs on that host, it does not cover user CALs.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
@dashrender said in UBNT EdgeRouter LAN Config Issue:
ired, everything stays completely separa
I wouldn't have a license issue either way, I have DC
What does DC have to do with CALs? It doesn't.
but your right that would mean I would have fun to deal with. I wasn't intending for the guest WIFi to be on windows anyways, I use the same wifi at home it's just easier to keep up with it on the ubiquiti.
Unless you're rolling your own guest network, it's literally just a check box in the management software.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
I wasn't intending for the guest WIFi to be on windows anyways,
I'm not sure what you mean?
I use the same wifi at home it's just easier to keep up with it on the ubiquiti.
You can use the same APs (UAP AC whatevers in this case) for both the production network and the guest network. In this case, you'd have a VLAN for the guest network, so when someone joins the guest SSID, they are automatically assigned the guest VLAN, and get DHCP from the ER.Note you would NOT use the guest network option in Unifi controller for this network.
-
Well see the office wifi is talking to only office devices, the guest wifi hell it's a wild wild west. Non profit or not lol don't think I want to pay for every device we have in here
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Well see the office wifi is talking to only office devices, the guest wifi hell it's a wild wild west. Non profit or not lol don't think I want to pay for every device we have in here
I don't follow. You can put bandwidth caps on the guest VLAN at the firewall if you want to keep that network from stealing all the bandwidth. I think I have my guest network limited to like 6 Mb/s
-
This post is deleted! -
@Dashrender speed policy stuff can be setup in unifi without using the guest network function of the unifi system.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Well see the office wifi is talking to only office devices, the guest wifi hell it's a wild wild west. Non profit or not lol don't think I want to pay for every device we have in here
Right, use the ERL to do the DHCP and DNS for the
10.10.4.0/24
network. -
@dashrender said in UBNT EdgeRouter LAN Config Issue:
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Well see the office wifi is talking to only office devices, the guest wifi hell it's a wild wild west. Non profit or not lol don't think I want to pay for every device we have in here
I don't follow. You can put bandwidth caps on the guest VLAN at the firewall if you want to keep that network from stealing all the bandwidth. I think I have my guest network limited to like 6 Mb/s
Doing this is not as easy as it sounds and because it is a traffic policy, it will affect overall throughput.