Multiple WLANs with multiple routers on a domain

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
sparkplug
DD-WRT Novice


Joined: 04 Feb 2011
Posts: 8

PostPosted: Fri Feb 04, 2011 21:32    Post subject: Multiple WLANs with multiple routers on a domain Reply with quote
I have a small setup consisting of two WLANs with multiple APs: one with WPA2 for staff access, and an unsecured SSID for guest access. The gateway is a Netgear WNR2000, and the APs (connected via hard wire) are a 54G2v1 and 54GSv7. Each device broadcasts staff_ssid (wl0) and guest_ssid (wl0.1) on the same channel.

The staff computers are on a domain, with a domain controller running Windows Small Business Server 2003. This controller handles DNS for the domain, so I cannot use DNSMasq for DNS (as I understand it).

I want to separate the two WLANs so that staff_ssid devices can access the web plus everything on 192.168.1.x, while restricting all guest_ssid devices to 192.168.2.x and only allowing web access.

Thoughts? Do I just follow the "Multiple WLANs" instructions on the gateway, or must I use a variation of them on each device (or use another method entirely?)
Sponsor
mache
DD-WRT User


Joined: 11 Apr 2010
Posts: 311
Location: San Francisco Bay Area

PostPosted: Fri Feb 04, 2011 22:09    Post subject: Reply with quote
I would use the WVLAN wiki to setup separate wireless access points (WAPs) supporting the separate SSIDs and the VLAN wiki(s) to have both the public and private networks on their own separate VLAN. For the new WAPs I would choose different G channels. I would choose the router with WAN access to be the base router and on that router configure each VLAN to have its own separate DHCP server and unique iptables code. From each satellite WAP, I would then have the VLANs communicate back to the base via 802.11q over same Ethernet cable.

The wikis should get you through.

-- Mache
mache
DD-WRT User


Joined: 11 Apr 2010
Posts: 311
Location: San Francisco Bay Area

PostPosted: Fri Feb 04, 2011 22:13    Post subject: Reply with quote
You can use the DNS on the router. In its standard form its only a caching DNS and will draw from the next level up DNS if it needs to.

-- Mache
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Sat Feb 05, 2011 1:35    Post subject: Reply with quote
All devices that are broadcasting the 2nd SSID must be configured to have their VAP separated. I would also suggest using VLAN's to keep the VAP's all in the same broadcast domain so that you can just configure the gateway router to handle DHCP for all of them. If you don't use VLAN's then you will have to use the WAP specific instructions on the routers that are configured as WAP's which will require either doing NAT for the VAP's or setting up routing, neither of which will allow roaming but a VLAN backbone will.
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
sparkplug
DD-WRT Novice


Joined: 04 Feb 2011
Posts: 8

PostPosted: Sat Feb 05, 2011 4:41    Post subject: Reply with quote
phuzi0n wrote:
All devices that are broadcasting the 2nd SSID must be configured to have their VAP separated. I would also suggest using VLAN's to keep the VAP's all in the same broadcast domain so that you can just configure the gateway router to handle DHCP for all of them.


Thanks for your help. Can you please direct me to proper documentation that explains how I would separate the VAP on all devices broadcasting the second SSID, and if/how that would vary on the gateway device? (Sorry for the rookie questions!)
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Sat Feb 05, 2011 23:49    Post subject: Reply with quote
The multiple WLAN guide explains everything you need to know about configuring the VAP's. The choice is yours on whether to use VLAN's, routes, or NAT and you can find more info about them all on the wiki.
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum