Hi!
Due to RF interference from my neighbor's houses, I need to run multiple APs across my house to get a decent wireless signal. Like many of you, I've also been dabbling in Connected Home / IOT devices. I have a separate, Guest WLAN, set up for these devices, with "Access Intranet" = OFF for the Guest WLAN.
Unfortunately, the combo of these two things (multiple AC-68's configured in AP Mode + Guest WLAN with Access Intranet = OFF) doesn't work as expected. Specifically, if I connect a wireless device to my core router/AP (the one with the actual backhaul to the cable modem), when connected to the Guest WLAN, I don't see my Intranet devices. However, when I connect to any of the other APs, I do see the Intranet devices, whether I'm on the Guest WLAN or on the primary (intranet) WLAN.
I thought about it a bit, and I guess this makes sense -- the APs wouldn't know about the VLAN configuration of the primary router. So I guess the APs just route all of the traffic onto the network, regardless of whether it came across the primary (intranet) WLAN or the Guest WLAN.
So, my question is, how do I make it work? I'm comfortable messing around in the shell, as needed.
One theory I had was to put the APs back into Router mode, disable their DHCP and point them back at the core router for DNS. I could then mess around with the routes to ensure Guest WLAN traffic only gets routed to the internet, and ethernet + primary (intranet) WLAN traffic gets routed normally. Or maybe I can do it just via the GUI by using the Guest WLAN page and disabling Intranet access on the Guest WLAN? However, I'm not sure if disabling the Guest WLAN Intranet access on those non-core-routers will actually disable intranet access or not -- because, again, how would the non-core-routers know what VLAN to use for the internet-access-only routing?
Entirely possible I'm making this more difficult than it needs to be, but would welcome any hints or suggestions!
Due to RF interference from my neighbor's houses, I need to run multiple APs across my house to get a decent wireless signal. Like many of you, I've also been dabbling in Connected Home / IOT devices. I have a separate, Guest WLAN, set up for these devices, with "Access Intranet" = OFF for the Guest WLAN.
Unfortunately, the combo of these two things (multiple AC-68's configured in AP Mode + Guest WLAN with Access Intranet = OFF) doesn't work as expected. Specifically, if I connect a wireless device to my core router/AP (the one with the actual backhaul to the cable modem), when connected to the Guest WLAN, I don't see my Intranet devices. However, when I connect to any of the other APs, I do see the Intranet devices, whether I'm on the Guest WLAN or on the primary (intranet) WLAN.
I thought about it a bit, and I guess this makes sense -- the APs wouldn't know about the VLAN configuration of the primary router. So I guess the APs just route all of the traffic onto the network, regardless of whether it came across the primary (intranet) WLAN or the Guest WLAN.
So, my question is, how do I make it work? I'm comfortable messing around in the shell, as needed.
One theory I had was to put the APs back into Router mode, disable their DHCP and point them back at the core router for DNS. I could then mess around with the routes to ensure Guest WLAN traffic only gets routed to the internet, and ethernet + primary (intranet) WLAN traffic gets routed normally. Or maybe I can do it just via the GUI by using the Guest WLAN page and disabling Intranet access on the Guest WLAN? However, I'm not sure if disabling the Guest WLAN Intranet access on those non-core-routers will actually disable intranet access or not -- because, again, how would the non-core-routers know what VLAN to use for the internet-access-only routing?
Entirely possible I'm making this more difficult than it needs to be, but would welcome any hints or suggestions!
