lilit-aibolit <[email protected]> wrote: > I'd like to setup guest Wi-Fi in my LAN to prevent access to local > resources. > I have OpenBSD gateway with em NIC connected to LAN. > LAN based on switches with VLAN support. > Suppose I have created two VLANs and added ports from my network > to vlan1 and wi-fi AP to vlan2. > What should I do on gateway to accept network from both vlans?
Well, you can either use two NICs on your gateway, one connected to a vlan1 port on the switch, the other to vlan2. Or you can can set up vlan1 and vlan2 on em0 and connect them to a trunk port on the switch. This is straight from my home gateway: ==> /etc/hostname.em0 <== description Trunk up ==> /etc/hostname.vlan1 <== description LAN vlan 1 vlandev em0 inet 172.16.0.1 255.255.255.0 NONE inet6 2001:6f8:124a::1 ==> /etc/hostname.vlan2 <== description WLAN vlan 2 vlandev em0 inet 172.16.1.1 255.255.255.0 NONE inet6 2001:6f8:124a:1::1 > Should there be a different subnets in vlan1/2 or it can be the same? Those should be different subnets. -- Christian "naddy" Weisgerber [email protected]
