ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Unifi - Allow Public SSID access to one server on LAN

    IT Discussion
    4
    4
    213
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JasGot
      last edited by

      I have to enable access to a Listen Everywhere server by https://www.listentech.com

      First things first, I need to be able to access 192.168.0.5 and 192.168.0.6 from the open SSID that has guest policy enabled.

      .5 and .6 are on the corporate lan.

      I can ping them from the open SSID with Guest Policy enabled, but ICMP, DNS, and DHCP are never isolated between lan and SSID, so pinging is not a valid test.

      The user says their app, does not connect to .5 or .6

      The app is doing a scan of some sort to find the Listen Everywhere server, but we don't know what kind of scan it is doing. Maybe a broadcast?

      I want to start with the basic settings to allow a client on the open SSID with guest policy enabled to access ONLY the .5 and .6 devices on the LAN.

      What Is unknown to me, thank to UBNT's great documentation, is whether the PRE-Authorization Access trumps the Post Authorization Restrictions. Also, if it is an open network, is the even a post authorization upon which restrictions can be applied?

      1 Reply Last reply Reply Quote 0
      • DashrenderD
        Dashrender
        last edited by

        Not sure you can do what you want using what I assume is Guest Access on the Unifi system.

        You'll likely have to setup a VLAN, create a new SSID for that VLAN - and allow routing between VLANs at your router to gain access to the .5 and .6 - no different than normal publishing to the internet, only that you'll be able to lock it down to only the guest VLAN you create.

        dbeatoD 1 Reply Last reply Reply Quote 1
        • dbeatoD
          dbeato @Dashrender
          last edited by

          @Dashrender said in Unifi - Allow Public SSID access to one server on LAN:

          Not sure you can do what you want using what I assume is Guest Access on the Unifi system.

          You'll likely have to setup a VLAN, create a new SSID for that VLAN - and allow routing between VLANs at your router to gain access to the .5 and .6 - no different than normal publishing to the internet, only that you'll be able to lock it down to only the guest VLAN you create.

          I would second this, at least that is how I setup Guest wifi or separate wireless networks.

          1 Reply Last reply Reply Quote 0
          • JaredBuschJ
            JaredBusch
            last edited by

            @Dashrender is correct, you need to use a real VLAN for this.

            Because this:

            but ICMP, DNS, and DHCP are never isolated between lan and SSID, so pinging is not a valid test.

            Is not true on a VLAN.

            1 Reply Last reply Reply Quote 0
            • 1 / 1
            • First post
              Last post