How do access points handle multiple SSIDs?

chmcke01

Distinguished
Mar 16, 2011
144
0
18,690
I provide IT support for some local small businesses and one of them is in the process of expansion to their building that will require that I add a couple of access points to keep coverage throughout the building. Currently they have a Negear Nighthawk R7000 router that works great for their needs and allows them to have one network for employees and a built in guest network for visitors that doesn't have access to the business computers, server, printers, etc and we want it that way.

In looking at access points most say that they support multiple SSID's (primarily looking at getting some TP-Link EAP120's (http://www.tp-link.com/us/products/details/cat-4908_EAP120.html) because I have used them in the past and they seem to work well. However when I have used them in the past I have not had to worry about the guest network as they didn't use one.

So lets say we have two SSID's on the main router that work as they should...we will call them OfficeWork and OfficeGuest. If I use an access point and put in the SSID and password for these networks does it just essentially extend each or would the guest network connected to the access point have access to the work nodes?

Sorry if this is unclear, I would be happy to provide any additonal information as needed.
 
A guest network on a router is pretty much a firewall rule that says that the traffic from the guest network may only go out the wan port.

Even though you could put a so called guest network on a AP using a similar method it would only limit it on the device but the AP does not have a path to the internet. It must use the main network to get to the route which means the traffic is now mixed.

The only way to do this is with vlans. You would build a complete guest network between all the AP and the router and the traffic would be keep in their respective vlans no matter which device they were on.

Without reading the specs for the equipment you list I am going to bet it does not support vlans. Although you might be able to do this with third party firmware I would look at a more commercial solution. Ubiquiti sell equipment that has most the feature of high end stuff from say HP or Cisco but at a fraction of the price. It of course does not do all those vendors can do but it does much more than consumer equipment and should be able to do what you need.

You will need to discard everything you have including the router and start from scratch.
 

chmcke01

Distinguished
Mar 16, 2011
144
0
18,690


That's what I thought, thanks...was hoping I was mistaken.