Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 12567 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Setting up a Guest Access Point in UTM

chipwade

I am running a setup with a bridged FioS modem giving me a single public IP, ESX host with internal/external vSwitches, and the Sophos UTM.  I am currently running a wifi router through the UTM with all of my rules in place and it is working great.  I would like to run an additional router as a guest network which is pretty much wide open.  The main reason for this is easy usage for the girlfriend while I dork out and for guests who want to connect.  My host has an open nic available to connect the additional router.  Would I just add an additional outside nic to my UTM interfaces or would I need to run a separate UTM as a dmz in this case?  Any help is greatly appreciated.



This thread was automatically locked due to age.
  • 0
    You can run multiple interfaces/networks, without a problem. If I understand your setup correctly, just set it up as a second internal LAN for the GF, making the same settings as the one you have now (web filtering, firewall rules, MASQ, DHCP, etc.)
  • 0
    I've a physical UTM with only one LAN interface, and I've also a seperated guest WiFi. I'm using a VLAN to seperate it from my normal network. Therefore the guest WiFi router must support 802.1q, VLAN tagging. OpenWRT and DDWRT does this.
  • 0 in reply to Jas Man
    This is the path I ended up going down. My ISP(Frontier FiOS) was able to switch my connection to ethernet directly from the junction box and skip their provided modem/router altogether. I was then able to run that connection to my HP managed switch and separate the traffic. Giving me the guest wifi without my UTM rules and filtering interfering and my public IP for the UTM through the VM host. I had to install DDWRT on my netgear router as well.
  • 0 in reply to Scott_Klassen
    This would have worked as well. Thank you for the quick help. I will use this method for the internal protected wifi I plan on deploying.