I'm currently running stock Asus 3.0.0.4.374_979 in AP only mode. I'm looking for a specific feature, and I'm curious if Merlin's FW supports it. What I'd like is to use the RT-AC66U in AP only mode as well as LACP mode with a trunk back to my switch, and have the ability to assign a VLAN ID tag to the different SSIDs. For example, this is my setup:
What I'd like is for the pfSense to use VLAN tags to separate out networks. Say VLAN 1 for internal, VLAN 2 for my soon-to-be site-to-site OpenVPN, VLAN 3 for my IPSec back to my office and VLAN 15 for Guest Access that never touches any other network. On the pfSense, I'd have the four VLANs all have virtual interfaces sharing the same NIC.
VLAN1: 10.0.0.1/24 (Internal. Can route to VLAN2)
VLAN2: 10.0.1.1/24 (OpenVPN, can route to VLAN1)
VLAN3: 10.0.2.1/24 (Office, only route out)
VLAN15: 172.31.1.1/24 (Guest, only route out)
Of course, the AP would also probably be running the LACP script that several people came up with.
Is this configuration at all possible??? There was really no mention of VLAN Tagging on the wireless interfaces. Thanks so much for the help!
Jim
Code:
Comcast--->pfSense--->HP 1800-24G|--->Asus AP (WiFi 10.0.0.x/24
|--->All other network devices (10.0.0.x/24)What I'd like is for the pfSense to use VLAN tags to separate out networks. Say VLAN 1 for internal, VLAN 2 for my soon-to-be site-to-site OpenVPN, VLAN 3 for my IPSec back to my office and VLAN 15 for Guest Access that never touches any other network. On the pfSense, I'd have the four VLANs all have virtual interfaces sharing the same NIC.
VLAN1: 10.0.0.1/24 (Internal. Can route to VLAN2)
VLAN2: 10.0.1.1/24 (OpenVPN, can route to VLAN1)
VLAN3: 10.0.2.1/24 (Office, only route out)
VLAN15: 172.31.1.1/24 (Guest, only route out)
Of course, the AP would also probably be running the LACP script that several people came up with.
Is this configuration at all possible??? There was really no mention of VLAN Tagging on the wireless interfaces. Thanks so much for the help!
Jim
