Hi all,

my currently setting at home is a cisco Router for WAN behind a PPPoE Modem. To this Router hits a Cisco 2960 Switch and currently for SIP Telefony and one WLAN SSID a Fritzbox 7490.

For my Wireless i have actually 2 Ubiquiti APs in work and so far it works pretty good except roaming as the APs don´t have this feature. ok . For them my Cisco is the DHCP and as now i have several SSID´s (i know in the same subnet so thats what i want to change) .
So for my future demanded design i want you to ask for help or best practice.
What i want :
For the Wireless all traffic should be managed by the Mikrotik Board. Best with RADIUS or different passwords? Also for this - makes it sense to block some traffic?
There should be at least these SSIDs at all
1. Guest SSID own subnet
2. Private SSIDs Ubiquitis same as Fritzbox and my LAN Subnet
3. Private SSID Fritzbox ?

So would this be ok?
Then the questions
- how i have to do tmanage his ? Routing OSPF with the cisco?
route all traffic to the MIkrotik?

Thanks for few hints and words to my project..
Thanks in advance and a happy new year
Regards

Hi,

If you are planning to use the 2011 iLRM with the ubnt access points then you are out of luck.

You will need unify control software so that the ubnts can broadcast different ssids.

What you can use the 2011 for is a radius server. I have no experience with setting up ubnt ap's to authenticate clients using radius but it should not be too hard.

If the multi vendor setup doesn't work out for you and you have the funds you can go get a few Mikrotik cap lites and set them up using caps man.

What I will suggest for now is maybe use one ubnt for the guest network and use the other ubnt and fritzbox for your private.

Then maybe setup 2 dhcp servers on the 2011 one for guest one for private using different ethernet ports and ip subnet.

You could then setup a firewall rule so that guest devices cannot access the private one.

Connecting the 2011 and the cisco is easy, set one port as a dhcp client and src nat on that port.

The cisco will give out a dhcp for the 2011 and the nat rule wil nat all traffic to that ip so that there is no routing required on the cisco device

Hi p3rad0x and thank you first of all,

i have the software for the UBs and so far it works fine, Also the idea you meant is great but i forgot one thing to say ..the 2nd UB is only temporarily in the backyard on. So in the house i have only one UB and the FB.
But i will think about to to it like you suggest... so if i run into issues.. i will come again

thanks
Best Regards
Cyb