Multi-Site Wifi using multiple uplinks

Started by jeremias.winter, September 04, 2025, 09:09:44 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 04, 2025, 09:09:44 AM
Hi all,

I have a situation that is, I think, a bit unusual. At least for my level of networking expertise :D

I manage a small company network spanning 3 offices that are close to each other, but not directly attached so there is no fixed cabling between them. Each one operates more or less standalone, with its own opnSense device as firewall. We have 2 wireless links set up, connecting the offices (see image for a rough topology sketch).

Currently, each site has its own WiFi networks (one for employees, one for guests). We want to improve this situation, so that we have the same WiFi networks in all offices.

Of course we could just use the same SSIDs and Passwords across the sites, but this has other downsides and I want to take the chance to use more professional equipment that can be managed centrally.

So I was thinking about getting three Access Points (e.g. the Ubiquiti UF6+) and using the UniFi controller software to set them up to "really" broadcast the same network. This would require the APs to be in the same VLAN which I could set up easily (the wireless links are on layer 2 to act as "virtual cables", carrying tagged VLANs).

However, since each of the sites has its own DSL uplink and opnSense firewall, this poses the question which one of those would handle the traffic. Naturally, I want to avoid having only one site handling all the WiFi traffic while the rest needs to go through the wireless links. (However, this would probably still work since performance is not the issue here, neither latency nor bandwidth are particularly critical).

So, my question is: Is this a reasonable plan, and how would I configure the opnSense firewalls to handle this? Or is this idea of a unified WiFi using 3 different uplinks stupid/unfeasible?

Thanks in advance for any input.
September 10, 2025, 10:35:49 PM #1
Why want you have all three wifis on the same layer 2?
This way you can run only a single DHCP for all sites.

Centralized configuration for all APs should be also possible if they are on different subnets, I think.
September 10, 2025, 10:40:19 PM #2
Quote from: viragomann on September 10, 2025, 10:35:49 PMCentralized configuration for all APs should be also possible if they are on different subnets, I think.

One of the strengths of Unifi, actually.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Today at 10:21:10 AM #3
Hi, thanks for the replies!

I just assumed that the APs must be on the same subnet, I've never actually set up such a system before.
If it's better to have them in different subnets, that would be no problem.

Maybe I'm just not understanding WiFi roaming good enough. All the enterprise-grade 802.11__ extensions seem very complicated and since we do not (yet) have a Radius server, we can't use most of them anyway.
So I think the pragmatic thing would be to stay with our current WiFi hardware, set them all to the same SSID/credentials, and that way "take what we can get" in terms of WiFi roaming, without having to change that much in the network configuration.

But just out of curiosity, how would I set up a roaming WiFi spanning all three sites, where client devices use mainly the uplink of the site they are in? Or is this not possible?
Print
Go Up Pages1
User actions