Recently I purchase 40+ cambium AP with mixture of 410 & 600 and trusted the vendor to implement this but end up all in vain. I had to place back my old AP due to this failure.
i'm not very good in networking but trying to understand the term hence I would like to seek advise on how shall I proceed for my environment.
Situation
- 500 to 600 devices connected at same go may reach till 900 devices
- 3 blocks coverage
- Core switch and some 2nd layer switch that connects to some VLAN ( i'm not familiar with this )
What have been setup in current environment
- Vlan & DHCP Scope created with range of .7, .8, .9, .10, .11 and it's been tagged to 5 SSID wifi
- It seems each Lanport been map with different VLAN
- So current AP pickup as range 7 then once user's login to each SSID it provide different ip according to each SSID they have connected. So practically each ssid was set with submask 255.255.255.0 ( 254 IP produced), correct me if i'm wrong.
Question that keep ringing im my head, is there a IP range/subnet range that I can produce for 1 SSID 900 devices at one go rather creating this 5 SSID.
I humbly requesting for some help, suggestion or opnion that i can consider to implement this AP fully to provide best WIFI solution for my school. :(
As I said i'm not very good in network so i might not able to answer all your question and we don't have a proper network engineer
1. How manay SSIDs we want to create and reason for each SSID? - I just wanna 1 ssid to accomodate 900 devices
2. SSID to VLAN plan details? no plan advise me what should i do now
3. Do we have external DHCP server? If yes can we create multiple dhcp pools to server different SSIDs? My AD yeah it produce DHCP that setup according to the range i stated earlier for SSID
4. Do we have external default gateway for each VLAN networks? Nope
5. How many wireless devices we expect in each SSID? 900 to 1K at one go
I would suggest, you have two separate IP address ranges, one for AP's and other for wireless client devices.
--For example
1) Create a dhcp pool for issuing IP addresses to AP's. The subnet is /24 since you have only 40 devices it will be enough.
dhcp pool-1 : For AP's 172.16.10.1/24 address range 172.16.10.2-172.168.
Defautl gateway 172.16.10.1
2) Create another DHCP pool for providing IP address for the wireless client . with /22 it will provide 1024 IP addresses that will meet your requirements.
dhcp pool-2 : For the wireless client.
172.16.20.1/22 address range 172.16.20.1 - 172.16.23.254
default gateway 172.16.20.1
3) on your POE switch configure all the port as trunk and make VLAN 1 as native and VLAN 20 as the tagged VLAN.
Create two VLAN's on the POE switch
Vlan 1: Ap VLAN Vlan 20 : USER SSID
4) on the AP, configure a WLAN 1, provide any ssid name let say "TEST-SSID" and map it to VLAN 20. Please see the attached screenshot. Now go to networks > ethernet port and configure the port at the trunk interface. Please see the screenshot
5) you can configure the security of the wlan based on your requirements.
You need network segmentation with VLANs (use managed switches), use same ssid name on few VLANs so that everything is transparent on client side, but it is separated under the hood.
Security policies on Router, denied client traffic to mgmt vlans of APs etc.
