Im installing a small hotspot setup, using an RB450G with 2x SXT 5gh radio attached to eth2and 3 (two backhauls on different channels to eliminate total site outage if one radio goes down) with eth1 being the WAN. Hotspot server running on the RB450G only.
I will be installing 2 radios at locations around the site, 1 radio backhaul (an SXT) to the gateway and the other in AP mode for client connections. (probably something like a Bullet2HP).
Is it possible to have the radios on say 192.168.x.x so that I can access them from the RB, and more importantly, have the radio IP addres being able to pass throuh the hotspot without authentication, whilst having the hotspot users running on a different IP range as set by the hotspot pool?
I would of liked to do this using all MT equipment, but simply switching to the gateway controller and SXT’s is a step in the right direction.
You can add IP bindings on the Hotspot with a type of bypass.
However, it’s a bad idea to have management network space and customer network space reside on the same broadcast domain, regardless of whether the logical addressing is different. It’s very bad design.
Use APs that are 802.1q capable and use VLANs. Feed two VLANs to each AP: one for management, one for customers. The management VLAN is where the AP has an IP address, and isn’t used for wireless at all. The customer VLAN is bridged into the radio, and is what wireless customers end up on. Now there’s strong separation between the two networks. Both VLANs feed into the RouterBOARD, which is the layer 3 gateway for the two networks on the two VLANs. Then use firewall filters to keep customers from accessing the management VLAN. The Hotspot is configured on the VLAN interface that is the layer 3 gateway for the customer network.