Setting up guest network while keeping IP-Mac binding enabled
Hello All, I have set up IP-MAC binding in my network. I have 4 VLANs for home use, and separate VLAN for guest network.
IP MAC binding has been working fine in my network, when adding the vlan for guest network I made sure this is bot selected in the IP MAC binding configuration, still guest network does not work. Users cannot even access portal page if IP MAC binding is enabled even with guest vlan excluded from the configuration. How can I resolve this?
I need guest network working with simple password portal authentication while the rest of the network is protected with IP MAC binding. Thanks.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @Diego787
Thanks for posting in our business forum.
Don't understand your question at all.
Diego787 wrote
Hello All, I have set up IP-MAC binding in my network. I have 4 VLANs for home use, and separate VLAN for guest network.
IP MAC binding has been working fine in my network, when adding the vlan for guest network I made sure this is bot selected in the IP MAC binding configuration, still guest network does not work. Users cannot even access portal page if IP MAC binding is enabled even with guest vlan excluded from the configuration. How can I resolve this?
I need guest network working with simple password portal authentication while the rest of the network is protected with IP MAC binding. Thanks.
What does it mean?
Guest should be accessing the portal but it is based on it has an IP address and it is allowed to access the local network.
IP-MAC binding would allow the matching client to use the network. If this fails prior to the portal auth, that's normal to see you have no successful access to the portal page. Because L2 and L3 have failed it. Of course, you don't have any internal or external access.
- Copy Link
- Report Inappropriate Content
Hello @Clive_A,
I would like to have IP MAC binding enabled in my network. But this is impacting guest users. I cannot configure IP MAC binding for guest users because I don't know all the MAC address for future guests.
How can I configure this in Omada Controller so IP MAC binding is in force in my other VLANs but not in the guest network VLAN.
Thanks
Diego
- Copy Link
- Report Inappropriate Content
Hi @Diego787
Thanks for posting in our business forum.
Diego787 wrote
Hello @Clive_A,
I would like to have IP MAC binding enabled in my network. But this is impacting guest users. I cannot configure IP MAC binding for guest users because I don't know all the MAC address for future guests.
How can I configure this in Omada Controller so IP MAC binding is in force in my other VLANs but not in the guest network VLAN.
Thanks
Diego
You have specified the interface, right?
What's the behavior on your guest VLAN interface clients? Do they get an IP address?
- Copy Link
- Report Inappropriate Content
This is my current configuration IP-MAC Binding config:
With this configuration, if the client is not autheticated yet in the Portal, they will connect to the guest Wifi, they will get a message saying that there is no internet on this network and they will never be redierected to the Portal. If the guest was previously autheticated in the Portal, they will not pick any IP address.
However if I disabled "Permit the packets matching the IP-MAC Binding entries only" option, Autheticated guest client will get their IP address assigned on their corresponding subnet and non-autheticated guests will be automatically redirected to the Portal.
By the way, my setup is:
Omada Controller 5.13.30.8 (linux container) and the following devices/firmware versions:
Router | ||
Guest wireless config:
VLAN Config:
- Copy Link
- Report Inappropriate Content
Hi @Diego787
Thanks for posting in our business forum.
Diego787 wrote
This is my current configuration IP-MAC Binding config:
With this configuration, if the client is not autheticated yet in the Portal, they will connect to the guest Wifi, they will get a message saying that there is no internet on this network and they will never be redierected to the Portal. If the guest was previously autheticated in the Portal, they will not pick any IP address.
However if I disabled "Permit the packets matching the IP-MAC Binding entries only" option, Autheticated guest client will get their IP address assigned on their corresponding subnet and non-autheticated guests will be automatically redirected to the Portal.
By the way, my setup is:
Omada Controller 5.13.30.8 (linux container) and the following devices/firmware versions:
Router
Guest wireless config:
VLAN Config:
OK. I got something different from your results.
First, put out the facts and conclusion, that this is not a problem with the system.
The guest VLAN that I used in this situation is not included in the IP-MAC binding. So, it should not be effective.
Portal enabled. Voucher for the whole VLAN interface.
Cellphone can join the network and see the portal. Pops up automatically. They also get an IP address.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 259
Replies: 5
Voters 0
No one has voted for it yet.