cancel
Showing results for 
Search instead for 
Did you mean: 

Retirement community with 1200+ residents. How can we setup individual "networks" without 1200+ SSIDS?

aaron_ruppert
New Contributor II
the goal is to have joe smith print to the printer in his apartment from anywhere on campus. or allow him to use his phone to control his tv.  etc. 

We use radius for corporate devices with a single SSID, works great.

For our residents we have a seperate SSID. Another seperate for guests. 

if we use radius we can assign Vlans to each resident.  What would be the onboarding process for their devices? What is the maximum number of VLANs this could support?

Would we need to create an NPS policy for each user?  Is this a good use case for CLoudpath?

 I'm trying to wrap my head around this and am probably missing something simple. I appreciate any help or clarification you can provide.
7 REPLIES 7

michael_brado
Esteemed Contributor II
Do you ever talk to the folks you bought your equipment from?  Detailed design questions and products to meet CU needs are what your VARs are there for, and whom we'd like to to contact please.

Yes, but I like to have some ideas beforehand so both they and I can be prepared. thanks!

shaun_van_tonde
New Contributor III

Why don't you make a Vlan for corporate users and a Vlan for guest and students.

You can then allow students and guest only access to the internet and corporate users access to the printers, servers and internet.


Our college environment is setup in the fashion and it works flawlessly:

Aps are on default vlan 1 with all the switches and same IP range.

We have 3 SSID  Corporate Wifi, Guest Wifi & Student Wifi

Corporate Wifi is for example vlan 2

Guest and Student SSID is for example VLAN 3

Our corporate users don't have to enter in a passkey for wireless as we are using radius server 2008r2 and their pcs have to be part of the domain computers group.

The guest ssid uses the guest feature of the zonecontroller and we generate 1 key once a week for guests.

The student ssid uses captive portal authenticating via their AD credentials on their domain controller.

Vlan 3 is blocked from seeing any other vlans on the main core switch so they only have access to internet.


Regards,


Shaun

shaun_van_tonde
New Contributor III
Apologies I misunderstood your question completely. Seems you want each resident to have their own vlan. That's a bit hectic I would say. There is a feature to block clients communicating on the same vlan. That might help in this scenario.