Forums
New posts
Articles
Product Reviews
Policies
FAQ
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Menu
Log in
Register
Install the app
Install
Forums
Digital Lifestyle
Internet, Networking, and Wireless
Replacing an Airport Extreme router creating a guest network by a new router
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="michelangelo" data-source="post: 1768539" data-attributes="member: 54225"><p>Thanks halo200 for also replying to this older post, dating back to prior to my purchase of the SG-1000 from Netgate (pfSense tribe). This whole project is to me a learning experiment and I mostly enjoy it for that. Except in the rare circumstances where my ADSL line is down, my wife does not give a damm for the results of what I am trying to achieve. I do it for fun. Positive results are just a plus, and negative results are a new learning experience. My objective as stated above is now modified. </p><p></p><p>Instead of : "<em>I believe this network separation can be done by VLAN tagging on routers having such capabilities, such as the Airport Extreme. The main network would remain untagged, while both the guest network and the IoT network would be tagged and carefully stripped of any permission to share resources of the main network.</em>"; </p><p></p><p>I now hope the Apple Extreme is only capable of 1 extra VLAN (called "Guest Network") if tagged properly by another Apple Extreme, because it seems to be hard-coded with a VLAN tag 1003. I want to tag this virtual LAN "1003" with the SG-1000. </p><p></p><p>My reference is a post I found a while ago on the internet, by Darko Krisik:</p><p></p><p><<a href="http://tech.krizic.net/2013/09/apple-airport-extreme-guest-mode-with.html" target="_blank">http://tech.krizic.net/2013/09/apple-airport-extreme-guest-mode-with.html</a>></p><p></p><p>Now, </p><p></p><p>I still hope this network separation can be done by VLAN tagging on routers having such capabilities, such as the Airport Extreme (only two networks). The main network would remain untagged, while the guest network would be tagged 1003 and carefully stripped of any permission to share resources of the main network. </p><p></p><p>Then I would implement a crude form of Traffic Shaping on the SG-1000 (like "equally share bandwidth among active LAN IPs"). This is because I realised recently that what I was really lacking on my 2Mb/s ADSL line was some form of traffic shaping preventing, for example, multiple automatic downloads of iPhone updates on iTunes to swallow all bandwidth and render internet lousy or render Mail unable to access iCloud mailboxes. Mainly, the pfSense tribe told me that traffic shaping on a 2Mb/s line is as difficult (horribly difficult) as implementing traffic shaping on a 100 or 1000 Mb/s line (hence not worth the effort); yet I also heard (no so loudly) that the results are as useful on a tiny line than on a biggish line. So I want to try it on my tiny 2Mb/s line, and keep it on my future 10 to 20 Mb/s line. </p><p></p><p>I will move on to attempting VLAN tagging on the SG-1000 when I have my safety net in place: backups (done) and ability to connect to it via console (still under way). I am not a risk-taker. </p><p></p><p>BTW: I have no real use of a guest network (guests use my main network) and have no use of a IoT network (having no connected objects so far). This is purely experimental. </p><p></p><p>I thank you very much for your kind assistance.</p></blockquote><p></p>
[QUOTE="michelangelo, post: 1768539, member: 54225"] Thanks halo200 for also replying to this older post, dating back to prior to my purchase of the SG-1000 from Netgate (pfSense tribe). This whole project is to me a learning experiment and I mostly enjoy it for that. Except in the rare circumstances where my ADSL line is down, my wife does not give a damm for the results of what I am trying to achieve. I do it for fun. Positive results are just a plus, and negative results are a new learning experience. My objective as stated above is now modified. Instead of : "[I]I believe this network separation can be done by VLAN tagging on routers having such capabilities, such as the Airport Extreme. The main network would remain untagged, while both the guest network and the IoT network would be tagged and carefully stripped of any permission to share resources of the main network.[/I]"; I now hope the Apple Extreme is only capable of 1 extra VLAN (called "Guest Network") if tagged properly by another Apple Extreme, because it seems to be hard-coded with a VLAN tag 1003. I want to tag this virtual LAN "1003" with the SG-1000. My reference is a post I found a while ago on the internet, by Darko Krisik: <[URL="http://tech.krizic.net/2013/09/apple-airport-extreme-guest-mode-with.html"]http://tech.krizic.net/2013/09/apple-airport-extreme-guest-mode-with.html[/URL]> Now, I still hope this network separation can be done by VLAN tagging on routers having such capabilities, such as the Airport Extreme (only two networks). The main network would remain untagged, while the guest network would be tagged 1003 and carefully stripped of any permission to share resources of the main network. Then I would implement a crude form of Traffic Shaping on the SG-1000 (like "equally share bandwidth among active LAN IPs"). This is because I realised recently that what I was really lacking on my 2Mb/s ADSL line was some form of traffic shaping preventing, for example, multiple automatic downloads of iPhone updates on iTunes to swallow all bandwidth and render internet lousy or render Mail unable to access iCloud mailboxes. Mainly, the pfSense tribe told me that traffic shaping on a 2Mb/s line is as difficult (horribly difficult) as implementing traffic shaping on a 100 or 1000 Mb/s line (hence not worth the effort); yet I also heard (no so loudly) that the results are as useful on a tiny line than on a biggish line. So I want to try it on my tiny 2Mb/s line, and keep it on my future 10 to 20 Mb/s line. I will move on to attempting VLAN tagging on the SG-1000 when I have my safety net in place: backups (done) and ability to connect to it via console (still under way). I am not a risk-taker. BTW: I have no real use of a guest network (guests use my main network) and have no use of a IoT network (having no connected objects so far). This is purely experimental. I thank you very much for your kind assistance. [/QUOTE]
Verification
Post reply
Forums
Digital Lifestyle
Internet, Networking, and Wireless
Replacing an Airport Extreme router creating a guest network by a new router
Top