Network switch and 2 separate WLANs

katana6434

katana6434

katana6434

Associate
Joined
6 Oct 2006
Posts
375
Location
Luton
Hi all

Wondering if you could help spec some equipment which would be used to create a small network for a club that I am helping out with.


  • They will be using BT Business broadband, probably premium infinity which I believe comes witha BT Bubsiness Hub 5.
  • They want two separate wireless networks, one for club members and one for guests, traffic to be separated and not mix with each other.
  • They will also need a rack mount switch with 24 gigabit ports. Due to the traffic separation requirement this will probably need to have some layer 3 functionality.

My intial thoughts were to use a switch like the HP 1920 series and then a couple of WAP's like the Linksys AC750 which can have multiple separate SSID's linked to separate VLANs (i'm assuming VLANs to separate out the traffic).

A few questions:

Is the above the correct way to go - i.e. 2 vlans with the 2 separate SSID's.

I would need multiple DHCP scopes to deal with the above, which none of the above will dish out. What can I do about this? Would I need to change the router to something else to cope with multiple scope? There will be no server or anything lthe like on site to act as a DHCP server so ideally it needs to be a WAP, router etc.

Ay other different ideas for a design?

There is some budget but please bear in mind that this is a cummunity club so ideally has to be as cheap as possible.

Thanks for your help?
 
Remember a router is a layer 3 device, so investing in a layer 3 switch for what seems a quite simple setup is probably overkill.

Highly recommend the Ubiquiti AP's.
 
My default spec for this would be a SonicWALL TZ300 firewall/router providing content filtering, gateway antivirus and DHCP, Ubiquiti access points and a HP 1920 switch.

The 1920 has just been replaced by the 1950, which runs the newer Comware 7 OS. I've not seen one yet, but other Comware 7 switches like the 5130 have a much nicer web interface than the older models. Either will be fine.

I don't think guest WiFi should be provided without content filtering of at least illegal material, but that's a decision for the business. The TZ300 might be too costly for you - around £700 with a years feature licence which you'll need to renew at around £300 a year.

A cheaper alternative would be to replace the router with a Draytek 2760 which will do everything you need for around £100. You don't necessarily need an L3 switch like the 1920 either, a managed L2 switch which supports VLAN's will be fine. Something like a TP-Link T1600G-28TS can be had for under £100 and will do the job. A couple of Ubiquiti UAP-AC-PRO would cost around £260, or you could go for the Lite version at around £150 for 2. I'd advise going for the Pro units if there will be larger numbers of simultaneous users (25+).
 
Excellent, thanks for all your answers. I will have a look at hardware you ahve mentioned.

Is having 2 VLANs the way to go? If it is will those routers do multiple DHCP scopes?

THanks
 
Yes two VLANs is the way to go, just make sure you don't allow routing between them at the SonicWall.

Our SonicWall allows more than one DHCP scope, but it's not the same model (old 3060 Pro), not that we use it for DHCP.
 
Yes use two VLANs. Sonicwalls are horrible in my opinion (especially considering their price) so I'll throw Mikrotik in the mix. A sub £100 Mikrotik would be more than enough throughput wise and they come with more features and protocol support than you're likely to ever need (no content filtering but that wasn't one of your original requirements)

This combined with Unifi APs and a HP switch as already mentioned would be hard to beat on a budget.
 
a Question about the Mikrotik routers. The small ones have 5 ports as standard. Can these be assigned to different VLANS or switchgroups (if that is the correct terminology for them)?

I assume we would have the BT router plugged into port 1, port 2 for vlan 1 and port 3 for vlan 2, with these plugged into the relevant port in the HP switch. the Mikrotec would allow routing between some or all of the ports depending upon configuration. Basically allowing eberything to router to port 1 for the internet?
 
You must log in or register to reply here.
Back
Top Bottom