Difference between revisions of "Template:Networking rut configuration example vlan guest wifi"

From Teltonika Networks Wiki
Line 138: Line 138:
  
 
Guest hosts cannot access any data from the pool 192.168.1.0/24 and vise versa.
 
Guest hosts cannot access any data from the pool 192.168.1.0/24 and vise versa.
 +
 +
----
 +
 +
<table class="nd-othertables_2">
 +
    <tr>
 +
        <th width=525; style="border-bottom: 1px solid white;"></th>
 +
        <th width=620; style="border-bottom: 1px solid white;" rowspan=2>
 +
[[File:Networking rutos configuration examples guest wifi 12 v2.jpg|border|class=tlt-border|300px|center]]</th>
 +
    </tr>
 +
    <tr>
 +
        <td style="border-bottom: 1px solid white>
 +
Wireless users connected to SSID: “'''GUEST'S_WIFI'''”, will be assign to LAN “Guest”, and will get IP from new pool '''10.10.10.0/24'''.
 +
        <ol>
 +
            <li></li>
 +
            <li></li>
 +
            <li></li>
 +
        </ol>
 +
        </td>
 +
    </tr>
 +
</table>
 +
 +
----
 +
 +
<table class="nd-othertables_2">
 +
    <tr>
 +
        <th width=525; style="border-bottom: 1px solid white;"></th>
 +
        <th width=620; style="border-bottom: 1px solid white;" rowspan=2>
 +
[[File:Networking rutos configuration examples guest wifi 11 v1.jpg|border|class=tlt-border|300px|center]]</th>
 +
    </tr>
 +
    <tr>
 +
        <td style="border-bottom: 1px solid white>
 +
Guest hosts are unable to access any data from pool 192.168.1.0/24. And access to RUTX Web UI or SSH is restricted.
 +
        <ol>
 +
            <li></li>
 +
            <li></li>
 +
            <li></li>
 +
        </ol>
 +
        </td>
 +
    </tr>
 +
</table>

Revision as of 08:11, 17 August 2020

Introduction

Sometimes there is a need to share your internet connection with visitors. It is not secure to share local area network with guest’s. They might accidentally download a malicious program or connect an already infected phone or laptop to the network. Also if you have lots of home smart devices (IoT), they tend to be far more vulnerable than computers. That means that if they are connected to the main network and hacked, intruders can get into your other devices. One of the possible solutions is to create Guest WiFi separated by VLAN. This guide will show you how to do this for RUT devices.

New wireless access point

Networking rut2 configuration examples vlan guest wifi 3 v1.png

Login to the router's WebUI and navigate to the Network → Wireless page and do the following:

  1. Create new Wireless Access Point (click Add).
  2. Enable the instance.
  3. Enter SSID on General Setup tab.
  4. Save changes.

Networking rut configuration examples vlan guest wifi 1 v3.png

Switch to Wireless Security tab

  1. Select Encryption type.
  2. Select Cipher type.
  3. Enter Key.
  4. Save changes.

Networking rut2 configuration examples vlan guest wifi 4 v1.png

Wait for configuration to apply. Two Wireless Access Points should be enabled

New LAN

Networking rut configuration examples vlan guest wifi 3 v1.1.png

Navigate to the Network → VLAN → LAN Networks page. There create a new LAN by writing the Name and clicking Add button.

  1. Enter a custom LAN name for the LAN network.
  2. Click Add New button.

Networking rut2 configuration examples vlan guest wifi 7 v1.png

Then you will be automatically forwarded to the new configuration settings. Now apply the following configuration:

  1. Fill in the LAN IP address.
  2. Select IP netmask.
  3. Enable DHCP server.
  4. Save changes.

LAN to VLAN

Networking rut2 configuration examples vlan guest wifi 8 v1.png

Navigate to the Network → VLAN → VLAN Networks page and do the following

  1. Select VLAN Port based mode.
  2. Click Add button. The new VLAN (VLAN ID 2 will be created).
  3. For VLAN ID 1 set main Wireless Access Point name (example: “RUT_WiFi”) and LAN => “lan”.
  4. For VLAN ID 2 set Guest’s Wireless Access Point name (example: “Guest_WiFi”) and LAN => “lan_Guest”.
  5. Save changes.

Results

If you've followed all the steps presented above, your configuration should be finished. If you are near a RUT, that is, in a wireless zone, turn on WiFi on your device and view the available networks. You should see the available SSID - "RUT_WiFi" and "Guest_WiFi". Select one of them and enter the appropriate WiFi password.

Wireless users connected to SSID: “RUT_WiFi”, will be assign to “lan”, and will get IP from main pool 192.168.1.0/24.

Wireless users connected to SSID: “Guest_WiFi”, will be assign to “lan_Guest”, and will get IP from new pool 10.10.10.0/24.

Guest hosts cannot access any data from the pool 192.168.1.0/24 and vise versa.


Networking rutos configuration examples guest wifi 12 v2.jpg

Wireless users connected to SSID: “GUEST'S_WIFI”, will be assign to LAN “Guest”, and will get IP from new pool 10.10.10.0/24.


Networking rutos configuration examples guest wifi 11 v1.jpg

Guest hosts are unable to access any data from pool 192.168.1.0/24. And access to RUTX Web UI or SSH is restricted.