NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Segregated Guest WIFI - locally managed WAX630E - help please
Hi, My equipment: Netgear_GS116PP / NetGear_JGS616 / Pfsense Firewall The NetGear_JGS616 switch (old) is currently in use until I have time to setup the Netgear_GS116PP switch (new) It's ...
The GS110PP is an unmanaged switch, no config options, so no VLAN support.
The JGS526 is a Web configurable Plus switch with VLAN support, same apply to the WAX630E and the Pfsense firewall. Your learning has to go towards configuring the Pfsense for supporting an additional network, ideally on a VLAN, with a dedicated IP subnet, including DHCP service, ...
Said this: The data has to flow from the Pfsense to the JGS516, on either a dedicated port and network, or as a tagged port. The WAX630E must be conected to a port which (in addition to the local LAN subnet, also in use for the network admin) has to be configured as a tagged network for the guest network.
It's not difficult - just needs some learning, trial-and-error. As we're on the Netgear community here, most don't have in-depth experience on Pfsense - so take this as design and implementaiton ideas.
One thing that hurts my hopes for good performance a little bit: The WAX630E is a capable, multi-band AP, with a 2.5 GbE wired uplink (optional with a trunk with two GbE ports in a LAG).
The GS110PP is an unmanaged switch, no config options, so no VLAN support.
The JGS526 is a Web configurable Plus switch with VLAN support, same apply to the WAX630E and the Pfsense firewall. Your learning has to go towards configuring the Pfsense for supporting an additional network, ideally on a VLAN, with a dedicated IP subnet, including DHCP service, ...
Said this: The data has to flow from the Pfsense to the JGS516, on either a dedicated port and network, or as a tagged port. The WAX630E must be conected to a port which (in addition to the local LAN subnet, also in use for the network admin) has to be configured as a tagged network for the guest network.
It's not difficult - just needs some learning, trial-and-error. As we're on the Netgear community here, most don't have in-depth experience on Pfsense - so take this as design and implementaiton ideas.
One thing that hurts my hopes for good performance a little bit: The WAX630E is a capable, multi-band AP, with a 2.5 GbE wired uplink (optional with a trunk with two GbE ports in a LAG).
TYVM for your response.
So, perhaps getting another AP and use it just for guest access on a separate nic port/subnet with firewall rule sin place might be the easiest?
I don't mind spending money when I have to, but, I do not want to learn a bunch of stuff I won't really need (I am 60 and an IT Analyst 3 specializing in desktops, not servers, switches, routers etc.). I plan on retiring very, very soon.
A reply comment would be appreciate on what you think about the second AP on a guest WIFI - I over 4000 sq. feet in my home with the finished basement included (3980sq. feet on ground and 2nd floor) so I worry about the WIFI's interfering with each other.
I am also OK if you think I should return the unmanaged switch and purchase a managed switch - I think it was only a $200.00 difference.
Any other ideas you might ahve about this would be greatly appreciated including returning the new switch to purchase another by your suggestion.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
