LAN and VLAN on Unifi AP's

I have watched the Lawrence Systems videos on setting up a VLAN and Firewalls. However, I’m confused about whether I can have several VLANs on my wifi system.

I will set up a pfsense box, I have a Unifi 16 port managed switch, and I have two Unifi AP-Pro’s (upstairs/downstairs) in my house.
Can I have regular wifi from my two AP’s for my LAN network…and a VLAN SSID (e.g. IOT) for all my IOT equipment (e.g. smart switches, echo dots, etc.)? Is this possible?

My confusion is on the switch ports the AP’s plug into. Can I have a regular LAN and a VLAN coming off the same ports? (Currently use port 3 and 4 on my Unifi switch to power AP’s and data).


I do not use pfSense, but the result should be the same.

I have a network (VLAN1) for all the Unifi gear such as the switch / ap and controller, let’s call it LAN. Furthermore I have defined 3 wireless networks, each connected to a different VLAN, let’s call them IOT, TRUSTED and UNTRUSTED.

The switch port to which the AP is connected uses a so-called ‘Switch Port Profile’. In this switch port profile I have defined LAN as native network and IOT / TRUSTED / UNTRUSTED as tagged networks.

The LAN (i.e. the network used by your Unifi gear) needs to be the untagged network, so the controller can manage the AP.

Hope this helps.

N.B. The maximum number of wireless networks supported on an AP is 4.
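How a switch port with a native (untagged) network plus tagged networks sorts the frames arriving from an AP, as an added example that is not part of the original posts. The VLAN IDs 20/30/40, the SSID names in the check and the function names are assumptions; this is simplified 802.1Q ingress logic, not UniFi's own implementation.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q VLAN tag

# Assumed profile for the AP's switch port (VLAN IDs constructed for illustration):
# LAN = 1 (native/untagged), IOT = 20, TRUSTED = 30, UNTRUSTED = 40 (tagged).
AP_PORT_PROFILE = {"native": 1, "tagged": {20, 30, 40}}

def build_frame(payload: bytes, vlan_id=None) -> bytes:
    """Build a constructed Ethernet frame, optionally carrying an 802.1Q tag."""
    dst, src = b"\xff" * 6, b"\x02\x00\x00\x00\x00\x01"
    tag = b"" if vlan_id is None else struct.pack("!HH", TPID_8021Q, vlan_id & 0x0FFF)
    return dst + src + tag + struct.pack("!H", 0x0800) + payload

def classify_ingress(frame: bytes, profile: dict):
    """Return the VLAN the port places the frame in, or None if it is dropped."""
    if len(frame) < 14:
        return None                      # too short to hold an Ethernet header
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return profile["native"]         # untagged: AP management, LAN SSID traffic
    if len(frame) < 18:
        return None                      # truncated tag
    (tci,) = struct.unpack_from("!H", frame, 14)
    vid = tci & 0x0FFF                   # low 12 bits of the tag are the VLAN ID
    if vid == 0:
        return profile["native"]         # priority-tagged frame, no VLAN of its own
    # Simplification: only VLANs listed as tagged on the port are accepted.
    return vid if vid in profile["tagged"] else None

def unreachable_ssids(ssid_vlans: dict, profile: dict) -> list:
    """List SSIDs whose VLAN is not carried on the AP's switch port."""
    return sorted(name for name, vid in ssid_vlans.items()
                  if vid != profile["native"] and vid not in profile["tagged"])

if __name__ == "__main__":
    for vid in (None, 20, 99):
        print(vid, "->", classify_ingress(build_frame(b"data", vid), AP_PORT_PROFILE))
    print(unreachable_ssids({"Home": 1, "IOT": 20, "Guest": 50}, AP_PORT_PROFILE))
```
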

If your AP supports multiple SSIDs on the same band then yes; not all APs support multiple SSIDs. If you inspect the manual it will tell you; if you have it running, then try adding a second and see what happens.

Thanks. Right now my LAN is all untagged on my controller and switch (I have three SSID’s [Home 2G, Home 5G, and IOT] and my two Unifi AP’s).

If I understand you correctly, I really only need to create one tagged VLAN for IOT…correct?

Correct and you need to configure the switch port with both the LAN (untagged) and the network with the same vlan as used in the IOT wireless network (tagged).

Thanks PimAarts, I’ll give it a try.