Hello, new to the community!

Comments

9 comments

  • Avatar
    Firewalla

    Are the networks different on the different SSID?  Meaning, the Orbi is segmenting inside? if it is, then it will be like VLAN, firewalla can only see one network that's mapped to the network interface it is connected to. 

    0
    Comment actions Permalink
  • Avatar
    westpalmbeachflorida

    First of all, thank you so much for the fast turnaround time for communicating!

     
    I have the older Orbi Pro and I can say that if you have a printer connected to the local network employees do not have access unless you allow them to see each other and access local networks which I do not like as the employees should be able just to be able to access their own local network but Netgear some reason on this older router caused it to allow the other SSIDs to be able to communicate with the local network once unchecked and that’s why I have to keep it checked so they do not access the local network and be able to access my printers and other files on the local network. Three different SSID names but do not communicate with each other if you don’t allow the checkbox to allow devices to communicate with each other and see the local network. Is this a little bit easier to understand or answer your question?
    0
    Comment actions Permalink
  • 0
    Comment actions Permalink
  • Avatar
    westpalmbeachflorida
    Does blue plus have to have access to the whole network if I don’t allow employees to see each other will the device work correctly and filter? 
     
    Or did I have to purchase the gold and put the router in AP mode so each of the SSIDs gets filtered correctly without allowing access to each device?
     
    I’m noticing that the blue plus sees the other devices on the network but I don’t know if it needs full access to control the other devices on the network if I’m restricting communication between the devices.
    0
    Comment actions Permalink
  • Avatar
    Firewalla

    The Blue/Blue+/Red can only see one network at a time.  These units can not see through VLAN's. 

    So, if the orbi pro is VLAN, then blue/blue+/red can only see one VLAN that you configure it to see. (through a tagged port).   If the orbi pro is doing everything internally, then there is no way anyone can see it. 

    But, I do see the orbi can map VLAN to SSID, which means, it is possible to have the blue monitor one of the VLAN's ... exactly how we don't know,  none of us ever used the PRO before. 

    0
    Comment actions Permalink
  • Avatar
    westpalmbeachflorida

     What are you guys think and your input on this configuration setup that I’m thinking about?

    I have a net gear BR500 as a router switch. If I set the Orbi Pro in AP Mode then all of the traffic gets routed to the BR500 and then Firewalla can monitor everything through it. 
     
    What I am trying to do is make it where the employees cannot see anything on my Wi-Fi connections and have access so if I buy another Orbi Pro and also put that in AP mode and allow the BR500 to be the router with this set up work?
     
    Two Orbi Pros Wi-Fi routers put in AP mode connected directly into the BR500 router and behind that is the Xfinity modem I’m wondering how this set-up would work and if it would work at all by placing the Firewalla in one of the ports of the BR500 router.
     
    Wi-Fi password will be different on both of the WiFi, I hope the setup allows me to keep my printer isolated on the Wi-Fi network to the other device and not allow people to stream Chromecast to any of the TVs or monitors.
    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Your best solution is the Gold, it essentially replaces the BR500 and it has all the controls you want in router mode.  I think if you configured it correctly, one ORBI PRO is enough.  The feature you need is the VLAN to SSID mapping.  See this as an example https://help.firewalla.com/hc/en-us/articles/360046231493-Firewalla-Gold-Tutorial-Network-Segmentation-Example-with-VLAN

    If you don't use the Gold, I think you still can use the BR500 + ORBI Pro (just one orbi) and VLAN's to segment your network + SSID.   Here, you need to place a blue on the same network as the VLAN that does the employee control.   (I have no experience with this, this is theoretical).

    And in case you do want multiple orbi (I think you can do away with cheaper mesh, no need the pro version), you can do as you said, one port on the BR500 per network and plug firewalla into the orbi to control just that network. 

    0
    Comment actions Permalink
  • Avatar
    westpalmbeachflorida

    Yeah, I’m trying to segregate 2 Wi-Fi SSIDs and with the older Orbi Pro as It does not segregate the Wi-Fi as they can see each other and access each other and that’s why I was considering the Firewalla and running two WiFis routers in AP mode into the router BR500. Trying to allow the employees to see each other on one Wi-Fi network and allowing the local Wi-Fi router to stay isolated from employees' WiFi and have the   Firewalla Utilize for both Wi-Fi routers into the BR500 seems to be a challenge but, I think maybe it's doable?.

     
    Now, the new Orbi Pro 6 Separate the Wi-Fi SSIDs and the VLN. 
     
    0
    Comment actions Permalink
  • Avatar
    Firewalla

    If you go with Firewalla Gold + Orbi Pro 6, if Orbi Pro 6 supports VLAN to SSID mapping, then you can easily build anything you want.   It will be exactly like https://help.firewalla.com/hc/en-us/articles/360046231493-Firewalla-Gold-Tutorial-Network-Segmentation-Example-with-VLAN

    With BR500 in the picture, you are pretty much limited running the blue for only one segment of your network. 

    0
    Comment actions Permalink

Please sign in to leave a comment.