Thread Info

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Tutorial - How to separate a Guest Wifi WLAN with a Sophos UTM and a Ubiquity AP with only 1 AP and 1 port on your UTM

Bob Blank 5 months ago

How to separate a Guest Wifi WLAN with a Sophos UTM and a Ubiquity AP with only 1 AP and 1 port on your UTM.

My Setup: Cable Modem -> UTM -> Unmanaged switch -> Ubiquity AP

Laptops, NAS, Home Alarm are either hardwired to the switch or connect to the Home Wifi SSID
TV, IOT devices, guests, phones connect to the Guest Wifi SSID

From the Ubiquity Unifi Controller:

Create a Guest Network via the Ubiquity Unifi Controller

Assign it a unique VLAN (I disabled DHCP as I am using the UTM for DHCP services)

Create a Guest Wifi Network

Assign the Guest Wifi network to the Guest Network you created above

From the Sophos UTM

Go to Interfaces and Routing to create a new interface

Add an “Ethernet VLAN” interface, assign it to the same hardware port as your internal network.

From Network Services -> DHCP, add a new DHCP service for the VLAN

Select the Guest Wifi interface you just created earlier.

Add a new Masquerading Rule for the Guest Wifi network to the External WAN

Add a new firewall rule allowing the Guest Wifi Network access to the internet.

This thread was automatically locked due to age.