03-08-2021 01:47 PM
I know this is end of life but I am trying to set this up for home use and was wondering if anyone here had any experience with this. I have a ZD1106 with 18.104.22.168 build 31 with zf7363 AP. I was wondering if I could set it up to have 2 different WiFi's one running "normal" and another running over a VPN, NordVPN in my case.
03-08-2021 02:13 PM
Most of what you are asking to acheive has nothing to with your contoller or your AP.
You need a swtich that supports VLANS and a router that can support VLANS and perhaps even policy based routing.
Vlan 1 default ( this will host your none vpn subnet)
vlan 2 VPN ( this will host your VPN subnet)
You will then need a router that multiple interfaces or subinterfaces which supports vlan tagging. The router will then provide DHCP scopes for each subnet for your wireless clients.
Your router will then route all clients with a source address in vlan 2 to your nordvpn.
Once you have this in place.
You can put your AP and ZD1106 on the default vlan, then create 2 SSID's with the 2nd one tagged on VLAN 2 which will dump clients onto your VPN LAN.
As you can see most of the work required has nothing to do with your ruckus equipment.
03-09-2021 03:08 AM
As much as I can see, NordVPN is actually installable on client usually (probably you can install it on some PC and share this connection to network), so it has absolutely nothing to do with WiFi in fact.
If you want to share VPN connection with all WiFi network, and you have no other equipment, probably the simpliest way is to have PC with NordVPN running connected by 1 Ethernet interface (used as WAN) to Internet router, but second interface (shared VPN connection) connected to second port of ZF7363 AP. Than you make additional WiFi network, with VLAN bridged to port 2 on AP, and all clients of this WiFi network will be working through VPN on PC. Main WiFi network will use AP port 1, connected to router, as normal.
03-10-2021 02:17 PM
ZD cant take part in this kind of setup.
You can create two SSIDs but VPN client cannot be installed on APs, to tunnel the WLAN traffic directly to VPN destination.
Only our v/SZ-Dataplane products supports GRE, IPSec and softGRE tunneling.