Ubiquiti AP Guest mode
-
I am using a vLAN arrangement here. Mainly I think due to restrictions. My kids will have people over and I do not want them in my network. I also don't want their games sucking up all the bandwidth, so it is limited on speed.
Other notes and comments: paging @JaredBusch
-
@g-jacobse what mechanism are you using to limit their speed?
What is providing DHCP/DNS for their network, for your network?
-
I did set a limit of 5 Mb on the Guest network and tested that by downloading the Windows 10 ISO, and other than a few blips, the download hit 5 Mb and stayed there for 20+ mins. My connection is 50 Mb. I was pretty impressed by how simple setting up this limiting was (overall).
-
In this case, I created separate User Groups:
-
That was the same thing I did.
WOW, you're limiting them to less than 1 Mb download, that's pretty low. What is your connection?
-
My TWC connection is not the lowest plan they have,.. but I'm running a 6/1MB line. Thus far, even with working from home now it has been decent.
They mainly play Minecraft and such on their iPads and some Youtube videos.
Thus far, other than recent signal issues, it's worked nicely.
-
huh - a 6/1 connection, I haven't seen anything that small in years. That said though, I am looking for a second ISP connection for redundancy and the best I've found so far (on the cheap that is) is a 12/2 DSL.
Our normal lowest level cable modem around here is 20/2.
-
@Dashrender said:
huh - a 6/1 connection, I haven't seen anything that small in years. That said though, I am looking for a second ISP connection for redundancy and the best I've found so far (on the cheap that is) is a 12/2 DSL.
Our normal lowest level cable modem around here is 20/2.
Wow, my parents are still on 5/.5 ADSL the only thing that is offered where they are.
-
@coliver said:
@Dashrender said:
huh - a 6/1 connection, I haven't seen anything that small in years. That said though, I am looking for a second ISP connection for redundancy and the best I've found so far (on the cheap that is) is a 12/2 DSL.
Our normal lowest level cable modem around here is 20/2.
Wow, my parents are still on 5/.5 ADSL the only thing that is offered where they are.
OUCH! no wireless options eh? or just to expensive?
-
@Dashrender said:
huh - a 6/1 connection, I haven't seen anything that small in years. That said though, I am looking for a second ISP connection for redundancy and the best I've found so far (on the cheap that is) is a 12/2 DSL.
Our normal lowest level cable modem around here is 20/2.
While not trying to stray to far, the 6/1 seems to run us okay. We watch Netflix and I can still work, AND being on a VoIP call without to much lag or drop outs.
I have kinda looked at stepping up,.. but with the kids in school now,... not much of an issue.
@coliver said:
Wow, my parents are still on 5/.5 ADSL the only thing that is offered where they are.
Friend of mine across the creek in the next county has no options right now other than Satellite, and he also works from home. He kills his monthly plan every month and has overages. Cable and DSL are not possible (to rural), and Wireless isn't the best due to the amount of cliffs and trees.
-
@Dashrender said:
@coliver said:
@Dashrender said:
huh - a 6/1 connection, I haven't seen anything that small in years. That said though, I am looking for a second ISP connection for redundancy and the best I've found so far (on the cheap that is) is a 12/2 DSL.
Our normal lowest level cable modem around here is 20/2.
Wow, my parents are still on 5/.5 ADSL the only thing that is offered where they are.
OUCH! no wireless options eh? or just to expensive?
They could do satellite (which would be very expensive) but wireless internet in our area is next to impossible. Too many mountains and valleys.
-
@Dashrender said:
I tried pinging many of those addresses (different ones from what I pinged before) and I still didn't get a response.
My guess is it is showing MAC tables and is blocked from IP access.
-
@g.jacobse said:
My TWC connection is not the lowest plan they have,.. but I'm running a 6/1MB line. Thus far, even with working from home now it has been decent.
I was working on a 2/2 not that long ago and it was enough to get by.
-
@coliver said:
They could do satellite (which would be very expensive) but wireless internet in our area is next to impossible. Too many mountains and valleys.
And introduces horrific latency.
-
@scottalanmiller said:
@Dashrender said:
I tried pinging many of those addresses (different ones from what I pinged before) and I still didn't get a response.
My guess is it is showing MAC tables and is blocked from IP access.
You think it's pulling a MAC table from the switch? Do you consider this an issue? and how do you manually query for the MAC table?
-
@Dashrender said:
You think it's pulling a MAC table from the switch? Do you consider this an issue? and how do you manually query for the MAC table?
I'm not an expert on ARP but doesn't an ARP Probe return all ARP addresses in use?
-
Guest Access does not block you from seeing those devices, it just stops you communicating.
The only benefit for Guest Access to us, is that it stops other "guest" clients disturbing each other, the VLAN is the main way that we stop people interfering with the work network.
-
@Breffni-Potter said:
Guest Access does not block you from seeing those devices, it just stops you communicating.
The only benefit for Guest Access to us, is that it stops other "guest" clients disturbing each other, the VLAN is the main way that we stop people interfering with the work network.
Guest Access on the Ubiquiti AP should stop them from messing with anything on the network, no VLAN needed.
-
@scottalanmiller said:
Guest Access on the Ubiquiti AP should stop them from messing with anything on the network, no VLAN needed.
"Should" but doesn't, I can still see other devices on the network when it's enabled.
-
@Breffni-Potter said:
@scottalanmiller said:
Guest Access on the Ubiquiti AP should stop them from messing with anything on the network, no VLAN needed.
"Should" but doesn't, I can still see other devices on the network when it's enabled.
Can you? This was tested in another thread and the answer was that there was no visibility to other devices. How are you defining "seeing" them?