Set PPSK profile to use Default LAN

Set PPSK profile to use Default LAN

Set PPSK profile to use Default LAN
Set PPSK profile to use Default LAN
2024-10-27 03:02:03 - last edited 2024-10-28 08:12:51
Model: EAP620 HD  
Hardware Version:
Firmware Version:

Recently I started looking at the possibility of isolating most of the clients connected on my WIFI from Default LAN, but still leave some devices in that network, all using the same SSID.

So searching a bit I found that PPSK (without RADIUS) does it, but when I created a PPSK Profile to use Default VLAN (1), it returned a error, and by looking at some posts here, it seems you just can't tag the Default LAN VLAN, so how to I work around it? Or I must create a different network and unless I set ACL Rule it can still communicate with another Subnet?

 

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:Set PPSK profile to use Default LAN-Solution
2024-10-27 08:39:51 - last edited 3 weeks ago

  @Chris_45 

 

vlan1 is untagged so if you set 1 it is tagged and does not work. leave the vlan field untouched do not write anything at all

 

Recommended Solution
  1  
  1  
#2
Options
4 Reply
Re:Set PPSK profile to use Default LAN-Solution
2024-10-27 08:39:51 - last edited 3 weeks ago

  @Chris_45 

 

vlan1 is untagged so if you set 1 it is tagged and does not work. leave the vlan field untouched do not write anything at all

 

Recommended Solution
  1  
  1  
#2
Options
Re:Set PPSK profile to use Default LAN
2024-10-28 08:12:30 - last edited 3 weeks ago

Hi  @Chris_45 

 

Recently I started looking at the possibility of isolating most of the clients connected on my WIFI from Default LAN.

>>>You can create a guest SSID for these clients. This will be the simplest way.

  0  
  0  
#3
Options
Re:Set PPSK profile to use Default LAN
3 weeks ago

  @MR.S thanks that worked fine, honestly I thought that VLAN was necessary for PPSK to work

  0  
  0  
#4
Options
Re:Set PPSK profile to use Default LAN
3 weeks ago

  @Chris_45 I'm just configuring some PPSKs for a similar purpose. What design have you ended up with? 

 

In my initial setup I have clients split between my default LAN 192.168.x.x and a tagged LAN 172.24.x.x. Clients are split between the two IP networks, but my unmanaged switch or the router is routing packets between them. Have you set up some ACLs to isolate your LANs?

 

I'm using an ER7212PC and I've not added a managed switch, so I only have Gateway and EAP (Access Point) rules to play with. 

 

I already have a guest network and a separate SSID, but am interested in what I can do without needing the extra beaconing.

  0  
  0  
#5
Options