Continuing the discussion from hAP aX2 satellite WAP to hAP AX3 using wifiwave2:
I have a questions that, somewhat align with this topic. I have been running a hAP ax3 for home coverage for about 7 months. I have configured the hAP ax3 with wifi interfaces to restrict IoT devices from internet access and to isolate them from other devices on my network that are permitted internet access. To improve WIFI coverage, I am wondering if the addition of wAP ax devices would be the next best step. Ideally, the wAP ax devices would be powered via PoE. This brings me to my central set of questions.
Can a Netgear managed switch w/ PoE out be inserted between the hAP ax3 and the wAP ax devices to power the wAP ax devices ? Does doing so introduce any problems with natively managing the wAP ax devices via WinBox? Are there other suggestions or thoughts to consider as I plan the expansion of the network?
Documentation says that wAP ax works with 802.3af/at, so if only the PoE switch deliversa power that way, there should bo no problems. I used Netgear switches and there were no problems with them.
1 Like
I already used TP-LINK POE switches for POE delivery. Worked just fine as well.
1 Like
Yes, what PoE does the Netgear support?
Depends on its configuration, but you can make it work without problems.
Replace the Netgear with a MikroTik switch. Just to have one eco system (functionally it won't have any advantages).
My best guess would be introducing VLAN's for isolation and better management. That, in combination with CAPsMAN will make a killer setup.
There are a lot of topics on "My home network + VLAN problems" and I wonder why to introduce VLANs for home network? How many devices you can have that you want to split access domains? How safe you want to be protecting IoT from seeing eg. a printer? There is always a problem of guests but if you invite them home, you share the password then there should be no problem unless you have crackers as friends.
I.e. I don't want my Chinese camera's to have access to Internet, my IoT devices to be able to connect to any other device. And while I was at it...Guest is indeed on a seperate VLAN as well.
To continue...only my Home VLAN has access to resources available through site-2-site vpn. And for their networks it works the same.
By setting it up this way, the firewall is pretty clean.
For me the reasons for having VLAN's.
2 Likes
But you are not a typical home user for whom the QuickSet is too complicated. 
Most people do not care if their nonChinese TV sets or playBoxes with cameras an mics do spy on them. They even do not care if "big brothers" from the Silicon Valley spy their each step as they allow GPS access for all programs in their phones.
1 Like
wAP AX can be powered via either passive PoE or 802.3af/at.
When you buy the wAP AX, in the box you also get the power supply and a PoE injector (gigabit). So, it’s not mandatory to use a PoE capable switch, but using one makes things cleaner and simpler, especially if you want to expand the network.
I have several wAP AXs, powered via both passive PoE and 802.3af/at.
1 Like
I have just rocked a boat a little.
I'm aware that most people who use that forum or look for answer already [playful mode=on] do live on the edge [playful mode=off].
Take it as a bit rethorical question/statement that should make people think what they really need to implement.
I am aligned with the single ecosystem, but alas, I have already purchased the Netgear switch. Although not mentioned in my original post, the IoT devices are on their own VLAN. FWIW, one VLAN for IoT (these actually do have internet acces for devices such as Roku etc) and one VLAN for security devices (no internet access granted) and one VLAN with internet access for ‘everything else’. The CAPsMAN will be the learning curve. I am looking forward to digging into this for the best possible management.
