Luckily enough, my pfSense-based router is more than capable to do that, so I set up a Guest Interface on VLAN 1003, configured the DHCP server to assign addresses on that interface (on 10.10.10.0/24, while my main LAN runs on 192.168.1.0/24) and set up firewall rules to only allow traffic to the internet, and not to my LAN or other local subnets (such as my VPNs, and a second LAN I run on a different VLAN). One nice feature that you get if you do run AirPort Basestations as routers is the ability to have a completely isolated wifi network for guest use, that gets internet access but does not allow communication with devices on your private LAN.ĭue to what I think is a bug in AirPort Utility, you can enable the guest network even when running your AirPort in bridge mode, the network is created and you can connect to it, but it looks like it doesn’t work: you don’t get an IP through DHCP, and any traffic seems to end nowhere.Īfter some Googling and Wiresharking, I found out that what actually happens is that AirPorts funnel all the guest network traffic to VLAN 1003, so if you have network equipment that is able to deal with VLANs you can actually use both Bridge Mode and Guest Network at the same time. I rely on my PC-Engines Alix 2d2 running pfSense to be my router, so I just need wifi access points, not full-blown wireless routers. I have a couple 5th-gen Apple AirPort Extreme Basestations in my house that I use to provide wifi access, together with a couple cheap TP-Link TL-WR841ND flashed with DD-WRT, and I run them all in bridge mode, as I don’t need their routing capablities. TL DR AirPort Basestations in Bridge Mode support the creation of Guest Networks, and all their traffic gets sent to VLAN 1003 on the Ethernet side. Note: ExFAT and NTFS formats aren't supported.ĪirPort Extreme (802.11n) and Time Capsule: USB storage device. Formatting a storage device as Mac OS Extended with journaling is recommended, as it may provide some more resilience if the device is removed or powered down while in use. The AirPort Extreme (802.11n) and Time Capsule support USB storage devices that are formatted as Mac OS Extended (HFS-plus), FAT16, or FAT32. If the status light stays amber in color and blinks after the Wi-Fi base station restarts, you may repeat the steps above.ĪirPort base stations: About AirPort base station status lights (LED) After the Wi-Fi base station has restarted, the status light should be green and not blinking.Click Update to apply your changes (the Wi-Fi base station will restart).For example, you may wish to leave your AirPort open without a password so that anyone can join your wireless network. A checkmark simply tells the AirPort that you are aware of the issue and you have chosen to ignore it. Eliminating the blinking, amber status light may require making changes to a specific setting, or putting a checkmark in the "Ignore" checkbox beside any option you don't wish to change.Important: You must reset the Wi-Fi base station using the reset switch to re-enable checking for the conditions you ignored. Respond to each item until there are no more items listed.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |