Network's configuration for a Hotel

2018-01-30 09:22:47
Models : TL-R480T+, T1700G-28TQ, T1600G-28PS, AC50

Hardware Version : TL-R480T+ v8.0, T1700G-28TQRev2, T1600G-28PS 2.0, AC50 v1.0

Firmware Version : 1.2.0 Build 20160809 Rel.40742s, 2.0.1 Build 20170608 Rel.61525(s), 2.0.0 Build 20160922 Rel.58984(s), 1.0.1 Build 20170706 Rel.72258

ISP : Orange

Hello everyone,

I am not a VLAN expert :p and I need help configuring my hotel's network.
I have already configured the SSID name and added the network to all CAPs.
Everything is working.

I have attached a plan to show how it's working.
And I want:
- Customers should not see each other,
- Customers must not access the LAN network (AC50, router, switches)

Is it better to put each CAP in a different VLAN or group them all in one?
What is the "vlan blinding" of the AC50?

What is the best recommended configuration?

Sincerely yours.
File: Network's schema.png
Re: Network's configuration for a Hotel
2018-01-30 16:40:20

j0sepHiroT wrote

> Customers should not see each other

You can set "AP Isolation" at Radio > Wireless > Wireless Service > SSID configuration; it will then isolate the wireless clients connected to the same AP. And customers in different VLANs can't communicate with each other.

> Customers must not access the LAN network (AC50, router, switches)

Since you need a username/password to log in to the management pages of the AC50, router and switches, it is not easy for customers to access these devices.
And you can put the other wired devices in another VLAN.

> Is it better to put each CAP in a different VLAN or group them all in one?
> What is the "vlan blinding" of the AC50?

In this situation, you'd better put the CAPs in different VLANs, and make sure the AC50 belongs to all these VLANs. Then customers can't see each other, but can connect to the Internet.
Re: Network's configuration for a Hotel
2018-01-30 22:50:48
Hi Tammy007, thank you!

Tammy007 wrote

> You can set "AP Isolation" at Radio > Wireless > Wireless Service > SSID configuration; it will then isolate the wireless clients connected to the same AP. And customers in different VLANs can't communicate with each other.

Yes, it's set.

> Since you need a username/password to log in to the management pages of the AC50, router and switches, it is not easy for customers to access these devices.
> And you can put the other wired devices in another VLAN.

I mean that if clients connect to a CAP, they will not be able to access the router's page at 192.168.0.1, for example. I read something somewhere about ACLs on the switch, but I don't know if it is possible to block it.

> In this situation, you'd better put the CAPs in different VLANs, and make sure the AC50 belongs to all these VLANs. Then customers can't see each other, but can connect to the Internet.

All right. On the AC50, is it necessary to set every CAP on each VLAN when those VLANs have already been set on the switches?
Like CAP300-9 on VLAN 100, CAP300-0 on VLAN 101, ...

Take a look at how I have configured these ports:
Re: Network's configuration for a Hotel
2018-02-01 16:10:57

j0sepHiroT wrote

> I mean that if clients connect to a CAP, they will not be able to access the router's page at 192.168.0.1, for example. I read something somewhere about ACLs on the switch, but I don't know if it is possible to block it.

Yes, you can block it with an ACL on the switch. Just set the source IP address as the subnet of the CAP and the destination IP address as 192.168.0.1 (the interface of the router).

> All right. On the AC50, is it necessary to set every CAP on each VLAN when those VLANs have already been set on the switches?
> Like CAP300-9 on VLAN 100, CAP300-0 on VLAN 101, ...

Yes, you need to set the VLAN interface of the AC50 to include all the VLANs of the CAPs. Then you need to set DHCP pools for all the VLANs of the CAPs, and the target of the DHCP server should be "For AP and client".

> Take a look at how I have configured these ports:

An access port means egress data is sent without a VLAN tag. All of the ports above should be trunk ports (the PVID can be set to 1) or general ports with tag, except port 10 of the T1700-28TQ.
Re: Network's configuration for a Hotel
2018-02-02 03:51:08
Hello Tammy007, thanks a lot :)

Tammy007 wrote

> Yes, you can block it with an ACL on the switch. Just set the source IP address as the subnet of the CAP and the destination IP address as 192.168.0.1 (the interface of the router).

I need to block access to the router's web page at 192.168.0.1, the 2 switches at 192.168.0.2 and 192.168.0.3, and the AC50 at 192.168.0.253.
Will everything just work fine after that?
My DHCP address pool begins at 192.168.0.1/24, and if I set it as the S-IP, nothing would work anymore.

> Yes, you need to set the VLAN interface of the AC50 to include all the VLANs of the CAPs. Then you need to set DHCP pools for all the VLANs of the CAPs, and the target of the DHCP server should be "For AP and client".

OK, finally I try to do something similar to this configuration, and the target of the DHCP server is "For AP only" on the AC50.

> An access port means egress data is sent without a VLAN tag. All of the ports above should be trunk ports (the PVID can be set to 1) or general ports with tag, except port 10 of the T1700-28TQ.

OK.

The updated configuration:

On the AC50, every CAP is tagged on its VLAN and everything works great! :p
Re: Network's configuration for a Hotel
2018-02-02 17:27:37

j0sepHiroT wrote

> I need to block access to the router's web page at 192.168.0.1, the 2 switches at 192.168.0.2 and 192.168.0.3, and the AC50 at 192.168.0.253.
> Will everything just work fine after that?
> My DHCP address pool begins at 192.168.0.1/24, and if I set it as the S-IP, nothing would work anymore.

You can set the destination IP address as 192.168.0.1/32, then it will block 192.168.0.1 only.

> On the AC50, every CAP is tagged on its VLAN and everything works great! :p

Do you mean clients are working fine when they connect to the CAPs? But in my opinion, all the general ports need to be 'tag' ports, except port 10 of the T1700-28TQ. If the egress rule of these ports is 'untag', the packets output from these ports will not carry a VLAN 'tag', and the CAP may then throw these packets away. Or you can change these general ports to trunk ports directly.
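
Added example, not part of the thread's posts and not TP-Link code: a small Python model of the ACL discussed above, with the /24 pool as source and one /32 deny per management address named in the thread. It assumes rules are checked in order with the first match winning and unmatched traffic permitted; the admin workstation 192.168.0.10, the guest clients 192.168.0.57/58 and the Internet host 203.0.113.10 are constructed sample values.

```python
import ipaddress

# Management addresses named in the thread: router, two switches, AC50.
MGMT_HOSTS = ["192.168.0.1", "192.168.0.2", "192.168.0.3", "192.168.0.253"]
GUEST_NET = "192.168.0.0/24"   # the poster's current DHCP pool, used as ACL source
ADMIN_PC = "192.168.0.10"      # hypothetical admin workstation (constructed)

def build_rules(admin_pc=None):
    """Ordered (action, src, dst) rules: optional admin permits, then one /32 deny per device."""
    rules = []
    if admin_pc:
        rules += [("permit", admin_pc + "/32", h + "/32") for h in MGMT_HOSTS]
    rules += [("deny", GUEST_NET, h + "/32") for h in MGMT_HOSTS]
    return rules

def evaluate(rules, src_ip, dst_ip, default="permit"):
    """First matching rule wins; unmatched packets get the default action (assumed permit)."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for action, src_net, dst_net in rules:
        if src in ipaddress.ip_network(src_net) and dst in ipaddress.ip_network(dst_net):
            return action
    return default

def audit(rules, clients, destinations):
    """Return {(client, destination): action} for every probe pair."""
    return {(c, d): evaluate(rules, c, d) for c in clients for d in destinations}

if __name__ == "__main__":
    # Probes: every management address, another guest, and an Internet host.
    probes = MGMT_HOSTS + ["192.168.0.58", "203.0.113.10"]
    results = audit(build_rules(ADMIN_PC), ["192.168.0.57", ADMIN_PC], probes)
    for (client, dest), action in results.items():
        print(f"{client:>13} -> {dest:<13} {action}")
```

With the whole /24 as source, an administrator's PC in the same subnet is denied as well unless a more specific permit is placed before the denies. An IP-only deny to 192.168.0.1 also drops any DNS queries guests address to the router itself, which is worth checking before the rule is bound to the CAP ports.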