Hello All, We are a small, Ubiquiti based WISP with about 275 subscribers. Our current setup consists of an Edgerouter Pro at the heart, with several subnets bridged on the eth2 port. We've got around 30 APs in the network, each serving CPEs in bridge mode which connect to a client router. This entire network resides on the LAN side of edgerouter, all devices are configured with static IPs and NATed through a handful of static WAN IPs. AP locations we've added over the last year have their own subnet, with client radios assigned 10.86.x.12 and corresponding router assigned 10.86.x.112. (For example)
Our overall performance is good, but we are looking to reorganize some of the subnets, and wanted to take the opportunity to review possible security concerns and optimize the structure if necessary. We have looked into the possibility of separating management and access traffic with VLANs as one example. At this point, we are open to suggestions and input. We've seen tutorials on VLAN setups, but do folks think this would improve our security enough to warrant spending the time to implement? Is there anyone out there with a similar network who would like to share their setup? Are there other major points we should consider as we work through this change? Thanks for your input, Ted
_______________________________________________ Ubnt_users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/ubnt_users
