Hi,
I currently have 4 Vlans (Iot, Guest, Camera, LAN) working nicely with Opnsense using a managed switch and a few Unifi InWall APs scattered around the place. The Unifi APs have SSIDs created and mapped to each of the Vlans.
Is it possible to create another 2x SSID on the Unifi AP and map it to the one IoT Vlan? The reason is the Iot SSID is currently broadcasting using both 2.4Ghz and 5Ghz and I want to create 2 more SSIDs on the Unifi APs - 1 for 2.4Ghz and 1 for 5Gghz range and map to existing IoT Vlan.
Or is it better to just create 2 more Vlans and map them individually?
Thankyou
I can't think of any reason you can't map any number of SSID's to the same VLAN. People do it all the time for different authentication for example.
Thanks Linwood looks like it's working and this is what it looks like now in the Unifi AP WIFI settings
| SSID | VLAN | WIFI BAND |
| IoT | 80 | 2.4GHz + 5GHz |
| IoT2 | 80 | 2.4GHz |
| IoT5 | 80 | 5GHz |
| Guest | 100 | 5GHz |
| LAN | Native | 5GHz |
Thanks!
Just for clarity, the issue was not with OPNsense.
Creating new vlan ID's on wifi side might provide additional separation between SSID's, etc. But some wifi AP's already isolate SSID's by default, so in that case dumping them all onto same layer-2 (vlan id) is ok. On the other hand, if that isolation is not there, and, you want fw rules to control SSID to SSID traffic, then having separate vlan ID's per SSID all running .1q to fw makes sense.
As example, one AP, my printers on wifi SSID-A and all my compute is wifi on SSID-B, B needs to print to A wifi network. If I wanted full fw rules control I put SSID-A on vlan ID1, SSID-B on vlan ID2, then .1q that to fw and have fw rule that allows printing traffic from B to A, etc.