FWP - Transparent Bridge Mode?
I have an Amplifi HD (router with paired Mesh APs) which is not compatible with Firewalla Simple Mode - can I use FWP Transparent Bridge Mode to filter traffic on a dedicated SSID which is provisioned by the Amplifi HD?
If yes, then is the below topology correct?
-
@Firewalla - Thanks. I expected my picture to fail for that exact reason.
To clarify, if I use:
[Modem]<--> FWP in router mode <---> Ampilfi in AP mode
Then I can create multiple SSIDs to limit WLAN access to a URL for a specific device?
I thought the Amplifi HD wouldn't 'pass' the required config (either SSID or VLAN) to/from the specific device back to the FWP? I'm ecstatic to be wrong, but thought my research determined this. Can you confirm that my use case will work with the corrected topology above?
(FY - I am currently planning an Aruba 1830 w/ AP-22s behind the FWP but need to find budget for this). -
@Firewalla - I may have just figured out why I'm asking bad questions (your job must be SO painful sometimes :( ) ...
If I create 'multiple networks' in the FWP, and if these are represented by multiple SSIDs, then AmplfiHD in Bridge Mode should - theoretically - be able to pass those multiple SSIDs to WLAN clients transparently. However, the FWP implements 'multiple newtorks' not as distinct SSIDs but as VLANs and the AmplifiHD in Bridge Mode does not (this is confirmed) acknowledge VLANs. So me confusing the relationship between SSIDs and VLANs is why this simply won't work. Does this sound right?
-
I'm not Firewalla, but yes, that sounds right. The APs (AmplifiHD in this case) are the only devices that know about the SSIDs. By the time the traffic is presented to the FWP by the APs, the SSID information is lost.
APs that support VLANs allow you to map each SSID to a separate VLAN. The traffic seen by the FWP will then have the VLAN ID, which the FWP can use to associate it with the correct network.
Please sign in to leave a comment.
Comments
6 comments