![]() The egress packet makes it to the firewall to give you an IP on your untagged VLAN but then that's it. I don't know what your physical configuration looks like but if your AP is plugged into a switch and that switch does not have defined VLANs then that's your issue. So if you want to do something like have one untagged WiFi that is "Office" and a tagged (50) WiFi that is "Guest" you need to define the VLANs in the Sonicwall (or in the switch AND the sonicwall) and then you need to define a DHCP server for Untagged traffic in the sonicwall and ANOTHER interface with its own DHCP server that handles all VLAN 50 tagged traffic. See where it says (USG Required) next to that button? Everything below that is useless to you.īasically you need to setup the AP, make your WiFi names and the AP will only tag the egress with the VLAN tag that you put there. The section in your controller there that shows an IP and a range does not function with anything but a UNIFI gateway. Now you need to apply your policies on the SonicWALL to the VLAN 50 as desired. then enter your VLAN number, keep the LAN button checked, and then IGNORE all other settings in the LAN IP section. In your "WiFi - IoT" network, you need to set it as "VLAN Only" type, not as LAN type. Also to avoid late-night confusion, I renamed the "LAN" network to "RequiresUSG-NotRealLAN". I use WatchGuard firewalls (because I despise the SonicWALL interface) and I put a bogus range in there so I don't screw up late at night thinking it's my real LAN. Where you have your 192.168.50.1/24 entered, you could put 10.2.3.0/16 and it would make no difference. If you don't have a USG, none of the "LAN" settings have anything to do with your actual LAN. Most of the settings under Networks section only apply if you have a USG, BUT this is where the VLANs are configured, at least in controller version 6.0.22. The "USG REQUIRED" message is misleading, to say the least. I feel like I am missing something simple here… any suggestions? But any ping attempts to the 192.168.50.1 gateway Server and I can see the lease is active on it, so that seems good and When I connect to the new Wifi network I manage to get an IP from our DHCP Network > NAT Policies > Add (not positive Network > IP Helper (DHCP Relay) > Policies Wireless Networks > Create New Wireless Network SonicWall(X0 / X0:V50)->LAN->Unifi 16XG->Unifi POE 8port->Unifi APĭHCP Mode: None (Using Windows Server DHCP) New Unifi Wireless networks (VLAN 50) I can get an IP in the correct range (as IĬonfigured the DHCP IP helper in SonicWall) but seem to be unable to ping the gateway The problem I am running into is when I connect to one of the SonicPoints and starting using the new Unifi AP. Switches and APs, we haven’t yet replaced the SonicWall as we are searching forĪ good alternative but in the meantime I would like to decommission the old Network and have recently replaced our switches and SonicPoints with some Unifi ![]() We are currently in the process of upgrading our internal ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |