RUnglaube  Ally Member

Comments

  • For DHCP and routing, I have only seen the NSG devices which also comes with security, and include at least 4 physical ports for LAN connection, but they don't have ADSL connection nor provide WiFi by themselves. You will need to get a modem that provides connection to the NSG using Ethernet or SFP, and for the WiFi you…
  • This has been a never ending question for all vendors and the answer seems to be always the same: https://documentation.meraki.com/MX/Client_VPN/Configuring_Split_Tunnel_Client_VPN https://forum.netgate.com/topic/104711/split-tunnel-with-l2tp-over-ipsec-in-pfsense/2…
  • Update it to the latest Microsoft Edge Chromium. It works just fine for me. I'm starting to prefer Edge over Chrome now 
  • Hey Arturo, I would say it's more in the low side, when booting up it gets quite high but later on it is greatly reduced. I have one sitting on my office desk and compared to the big NSW200-28P, the noise from the gateway is minimum. Good luck!
  • Hi there, I think you could enable the L2 isolation in the SSID from the Authentication page, adding both the fortigate MAC address and the window server MAC adddress. Then, you could set 2 rules in Switch ACL, one to allow port UDP 68 from the Wireless network to the Window server and the second to block everything else…
  • Will you need to isolate the LANs from each other or what's the main reason you need different networks? There's always a way! I guess you use DHCP, so you can bind the devices MAC address to a certain range of IP address of the same LAN, based on to which port the devices are connected. Then you only need to block those…
  • What kind of scenario do you have that every physical port must provide a different network? If the switches are not able to handle VLAN, I guess you don't need them, so you could just use one LAN and set all ports to that LAN. Or use the two LANs and allocate them in 2/2 ports.If you need to block something, you could use…
  • @ComputeInTheCloud You need to use the MAC address of the LAN interface, which it's not the same as the MAC address you use to register the NSG on Nebula. Use ARP command of a connected device, or even easier, just enable Guest network in the SSID overview page which automatically detects the gateway LAN MAC.
  • If the radio is disabled, all the SSIDs on that radio will also be disabled. If that's what you want, I would rather say to use PoE schedule to completely turn off the AP device.
  • You cannot use the same subnet for the VPN and LAN/VLAN interfaces, that's why you can save it when using 192.168.2.221/29, which will anyway give you access to 192.168.1.1/24 network unless you configure a firewall rule to block it. Think of the VPN subnet as another network interface.
  • Why should it be immediate? All the pie charts that I have seem so far are informative, not for alerts. I personally prefer color shades rather than a rainbow, looks more harmonious to me.
  • In the dashboard you can get the current speed of you WAN links or in the gateway page Other than that, no "speedtest" is available, but you can help us supporting this request https://businessforum.zyxel.com/discussion/comment/9138#Comment_9138
  • Did you manage to solve it? You indeed need to set the correct management VLAN, either per device or globally and also configure the uplink port with the correct PVID.
  • If that's the issue, I would either use the name as suggested by @TomorrowOcean or I would take a photo of the AP location, which also allows you to use phone GPS to locate the device on google maps.You know, a picture is worth a thousand words, as people say... Again, I'm not telling it shouldn't be added, just trying to…
  • +1 for Mac filtering and port security on Nebula switches. I had a similar situation some time ago...At the end what I did was to setup a virtual machine with window server, setup a Radius server and use the Radius policy on switch ports to allow mac authentication on those ports. Hopefully it is also useful for you!
Avatar