My lab sits on a public network (254 addresses). All desktop machines and other fixed peripherals (printers etc) are connected by wired Ethernet and have fixed addresses. Laptops can connect by wires to the same network but receive their address by a central DHCP server but only if their MAC address is recognized.
We would like to reserve a subset to the 254 pool of addresses to be available through a WIFI network. The devices connecting to the WIFI would be simply authenticated by the WIFI password (no prior registration of their MAC addresses )
So we want in the end to have all machines on the same network with the cAP serving by DHCP the subset of addresses mentioned before.
How should we proceed ?
Thanks
dont understand your initial request. ON the main router, makes as many vlans as you need, feed to the cap and other devices
a. the management vlan ( it gets its IP address on this vlan and the only vlan tagged on the bridge ).
b. all other required vlans which need to be tied into WLANs and by ipso facto SSIDs.
I have no control on the main router. Just given a pool of n+1 fixed of adresses. One for the cAP and n for its clients.
It used to work flawlessly with a now defunct AirPort Express
So your saying that the router provides two subnets for you to use.
A. 192.168.1.1/24 and 192.168.2.1/24
OR
gives you
B. 192.168.1.2 for your device, and 192.168.1.3-192.168.1.254 for other users??
If A, how does the router pass you two subnets on one port?? Im assuming vlans or perhaps over two ports ( subnet per port )?
It a variation of B
There is only one network xxx.xxx.10.0
To facilitate the work of a small team of the lab with frequent visitors I have been allowed to use xxx.xxx.10.215 → xxx.xxx.10.218
It used to work flawlessly with on old AirPort Express (now defunct) which was set up (in the minimal configuration provided by Apple AirPort Utility) as follows
-Mode: Router
-Create a WiFI network THGRP with the usual passphrase protection (WPA2)
-DHCP server with a small pool of addresses xxx.xxx.10.216 → 218 (enough for three external collaborators at a time)
-Gateway xxx.xxx.10.254 (the main gateway of the lab)
-The Wan and LAN addresses of the Airport base station was identical (??) and set to xxx.xxx.10.215
It worked flawlessly for years, enabled the (trusted) visitors to access the entire lab network and all printers using Bonjour or any other type of connection (HP etc)
I simply want to reproduce this type of things with a cAP
I am sorry if I was not clearer before and I hope this explains better what I am trying to accomplish.
Thanks a lot for helping
This is what I have done in the meantime but printers are invisible. Also laptops on the main net can’t exchange files with the ones on WiFi with Airdrop
I have all wifi clients on separate subnet from printer but the trusted ones can print without problems.
Not Guest nor IoT devices.
Maybe you should first specify all requirements, not bits and pieces.
And a complete drawing of how your network is constructed now ?
Also the router. I suppose you can not do anything on there ?
Sorry for not explaining myself clearly.
The network is entirely wired for the moment.
We want all devices in the end to be on the same network.
The vast majority of them are wired and authenticated by their MAC address
That is dealt with by the lab router which I do not manage and which cannot be changed.
We want the cAP to create a WiFi access so that devices whose MAC addresses are unknown can become part of the same network with the same privileges as the other devices , their authentication being now provided by the wifi pass phrase.
If needed I will provide a drawing tomorrow
Thanks
