So my wife's work laptop absolutely CANNOT connect to the network, however every other device in the entire home works perfectly.
I want to create a work network for her with just all security turned off(i know this is a terrible idea, but she is demanding it), and for obvious reasons I don't want her to be able to access ANYTHING on the more secure part of the network...basically her own private little DMZ, where she can do absolutely whatever.
Unfortunately as I tend to follow best practices, and have never even conceived of doing such a thing...I actually have no idea how to do it..
I have nextdns going and unbound, as well as suricata and zenarmour.
I setup a vlan and her own wifi using unifi... however I have absolutely no idea where to go from here...Any assistance would be greatly appreciated...
The way I would go about it is to spend some more time trying to determine what it is that is preventing your wife's laptop from connecting. Also, what exactly do you mean by that? Is her laptop unable to obtain an internal IP address from OPNsense? And presumably you have a WiFi access point behind the OPNsense box that she is connecting to?
A separate network can be made of course but part of the setup of it is most likely what is not working right now.
DNS, DHCP, etc.
In other words once you find what the problem actually is, you'll see that you need to set that up too on the separate network.
Or the other way around, if you setup that other network, you'll notice there what is not working now.
To setup a different network can depend on what hardware you have an its capabilities.
For instance if you have a VLAN capable switch, you can create a separate VLAN on your LAN OPN interface, configure the switch for it, setup dhcp & dns resolver for it and then firewall rules to isolate that's at high level it.
I'm doing something similar for my guest wi-fi network. A separate dedicated wireless router in AP mode. It's on its own VLAN and then firewall rules to only allow internet access.
Sent from my iPad using Tapatalk
start with watching
UnIFi & pfsense Deployment, Setup and Planning with WiFi, VLAN & Guest Network -> https://www.youtube.com/watch?v=LNAAfja_ZOY
Quote from: Grossartig on April 29, 2022, 05:50:10 AM
The way I would go about it is to spend some more time trying to determine what it is that is preventing your wife's laptop from connecting. Also, what exactly do you mean by that? Is her laptop unable to obtain an internal IP address from OPNsense? And presumably you have a WiFi access point behind the OPNsense box that she is connecting to?
Her work is. Its something with their configuration. Literally every other device I have on the network works perfectly. I have 3 different webservers, and a bunch of other things with absolutely no issues.
And when she uses her phone to hotspot connect
using the same wifi, that works fine as a relay.
Quote from: chr on April 29, 2022, 04:22:34 PM
I'm doing something similar for my guest wi-fi network. A separate dedicated wireless router in AP mode. It's on its own VLAN and then firewall rules to only allow internet access.
Sent from my iPad using Tapatalk
I have a guest network with this setup and working fine as well, with a captive portal and everything. I just dont want to bandwidth limit her.
Quote from: EdwinKM on April 29, 2022, 07:52:06 PM
start with watching
UnIFi & pfsense Deployment, Setup and Planning with WiFi, VLAN & Guest Network -> https://www.youtube.com/watch?v=LNAAfja_ZOY
This obviously is not the issue, as i noted,
every other of my over 100 devices work fine.Quote from: cookiemonster on April 29, 2022, 02:30:48 PM
A separate network can be made of course but part of the setup of it is most likely what is not working right now.
DNS, DHCP, etc.
In other words once you find what the problem actually is, you'll see that you need to set that up too on the separate network.
Or the other way around, if you setup that other network, you'll notice there what is not working now.
To setup a different network can depend on what hardware you have an its capabilities.
For instance if you have a VLAN capable switch, you can create a separate VLAN on your LAN OPN interface, configure the switch for it, setup dhcp & dns resolver for it and then firewall rules to isolate that's at high level it.
As stated in my first response, It is not a me problem. I just want to do this to basically just have it completely out of my hair.
OK but what do you want assistance with exactly?
QuoteSo my wife's work laptop absolutely CANNOT connect to the network, however every other device in the entire home works perfectly.
QuoteI setup a vlan and her own wifi using unifi... however I have absolutely no idea where to go from here...Any assistance would be greatly appreciated...
have you set it up already? her private network? is that the one your saying that is "NOT" connecting?
if yes maybe a detail of that config would help, what sort of "private" network did yousetup? VLAN? dedicated lan port?
I learned this the hard way when I moved to opnsense
Go to services - dhcp4 - wives vlan - under dns servers add your favorite dns server there, then reboot her device
found the issue. was zenarmor.