Home

Forums

Stories

Knowledge Base

Business Community > Gateways > Configuring multiple SSIDs segregated with VLANs

< Gateways

Configuring multiple SSIDs segregated with VLANs

LittleJohnuk

Thursday - last edited 23 hours ago

Posts: 1

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2025-10-23

Configuring multiple SSIDs segregated with VLANs

Thursday - last edited 23 hours ago

Tags: #VLAN & Multi-Networks

Model: ER7212PC

Hardware Version: V2

Firmware Version: 2.1.2 Build 20250705 Rel.59147

I'm trying to configure an ER7212PC controller with a bunch of AC1350 access points so that I can have multiple SSIDs - both have internet access, one will also connect to the wired networks, but the other is strictly internet only (this is for a restaurant, where we have a password protected guest wifi, but the staff wifi includes wired devices like the tills etc).

I've found some instructions where I create network profiles, SSIDs with VLANs, etc, and this is great - the only think I can't do is get wired devices to communicate with the staff wifi.

I guess that this is because the controller doesnt appear as a switch, I can't configure the ports on the controller with VLAN tagging - is that correct, i.e. I just need to buy a switch and I can configure the tagging for wired?

Thanks,

John

1 Accepted Solution

Vincent-TP

23 hours ago - last edited 23 hours ago

Posts: 3881

Helpful: 394

Solutions: 1319

Stories: 0

Registered: 2024-06-22

Re:Configuring multiple SSIDs segregated with VLANs-Solution

23 hours ago - last edited 23 hours ago

Hi @LittleJohnuk

Thanks for posting here.

Yes, ER7212PC is mainly a router, and lack of switch ACL feature. And yes, adding an Omada SDN switch, you can configure switch ACL.

Below is a link of Omada SDN switch for your reference:

https://www.omadanetworks.com/us/business-networking/omada/switch/

Wish you a happy life and smooth network usage! >Get the Latest Omada SDN Controller Releases Here< >Experience the Latest Omada EAP Firmware<

Recommended Solution

GRL

LV4

16 hours ago - last edited 16 hours ago

Posts: 853

Helpful: 359

Solutions: 102

Stories: 0

Registered: 2022-01-02

Re:Configuring multiple SSIDs segregated with VLANs

16 hours ago - last edited 16 hours ago

@LittleJohnuk

What Access Points are you using exactly?

If they support SSID vlan tagging this should be easy with what you have

Leave the default network alone, PVID 1 or whatever

create network "Staff" Tag 10

create network "Guest" Tag 20

Connect the Access points to the router ports. The ports will already carry the staff and guest networks and have them as tagged. Set up the access points with an IP on the default network which is now your management network

Setup the access points

SSID 1 - "Staff" - Tag 10

SSID 1 - "Guest" - Tag 20 - Activate Guest Mode

Set up Gateway ACLs in the controller, type "LAN<>LAN", Protocol "All"

Source "Guest" - Destination "Default & Staff" - DENY

Source "Staff" - Destination "Default & Guest" - DENY

Source "Default" - Destination "Staff & Guest" - DENY

This will isolate them all from each other

Back to the router, Set another one of its ports as PVID 10 (Staff) - this will set it as untagged on the staff network for all your point of sale etc stuff If you need more ports either get a little omada switch like SG2008P (for POE to your access points) or a dumb switch can excent the "staff"wired network hanging off the port you just set the PVID on

Now, the staff WiFi can access all the point of sale stuff. Guest wifi can only access the internet.

Configuring multiple SSIDs segregated with VLANs

Configuring multiple SSIDs segregated with VLANs

Information

Voters 0

Tags