NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Need help setting up a guest wireless network
At my home I'm trying to setup and open wireless network for guest access when I turn it on. I have a GS724T switch with a WG302 access point. I've created two wireless networks in the WG302: one for my wireless network that I use all the time (encrypted) and a open network for guest use. I want to keep the traffic for the guest network separate from my private network so I set up the guest wireless network as VLAN 2 and the encrypted network is VLAN 1. I have a pfSense firewall system that provides DHCP service to the network (I would like both VLAN networks on the same network segment). The WG302 is plugged in to port 5 on the GS724T and the firewall is on port 1. I tried making ports 1 and 5 untagged for VLAN 2 (all other ports are blank) in the switch but if I do that then devices connecting to the guest network don't get an IP address for port 1. The tagged/untagged for VLAN 2 is also a little confusing for me for the port that the WG302 is attached to (port 5) because it carries traffic for both VLANs 1 and 2.
I've tried all of the combinations of tagged/untagged for ports 1 and 5 on VLAN 2 but nothing works. Can anyone offer any insight on how I should configure this to keep my guest wireless network separate from the rest of the network?
2 Replies
- I'm having a similar issue. Did you ever get this resolved?
- One of the key errors I ran into myself and happened to see doing others with VLANs on Smart and managed Netgear switches was the PVID (Port VLAN ID) setting getting forgotten.
When devices tag their packets (most *nix OS and Windows with Server NICs can do) and the ports are tagged members of this VLAN, traffic will pass.
If you have an untagged membership and the device does not actively tag the packets, the switch has to know in what VLAN it has to "throw" the untagged traffic. If you want to get untagged traffic to flow between member ports, you need to check that the PVID is also set to according VLAN. The default is VLAN 1 for every port, you need to change that for to your according VLAN ID.
Your Access Point should also be able to tag packets from (at least) the secondary SSID.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
