Hello, new to the community!
-
First of all, thank you so much for the fast turnaround time for communicating!
I have the older Orbi Pro and I can say that if you have a printer connected to the local network employees do not have access unless you allow them to see each other and access local networks which I do not like as the employees should be able just to be able to access their own local network but Netgear some reason on this older router caused it to allow the other SSIDs to be able to communicate with the local network once unchecked and that’s why I have to keep it checked so they do not access the local network and be able to access my printers and other files on the local network. Three different SSID names but do not communicate with each other if you don’t allow the checkbox to allow devices to communicate with each other and see the local network. Is this a little bit easier to understand or answer your question? -
More info on Orbi Pro with SSID.
-
Does blue plus have to have access to the whole network if I don’t allow employees to see each other will the device work correctly and filter?Or did I have to purchase the gold and put the router in AP mode so each of the SSIDs gets filtered correctly without allowing access to each device?I’m noticing that the blue plus sees the other devices on the network but I don’t know if it needs full access to control the other devices on the network if I’m restricting communication between the devices.
-
The Blue/Blue+/Red can only see one network at a time. These units can not see through VLAN's.
So, if the orbi pro is VLAN, then blue/blue+/red can only see one VLAN that you configure it to see. (through a tagged port). If the orbi pro is doing everything internally, then there is no way anyone can see it.
But, I do see the orbi can map VLAN to SSID, which means, it is possible to have the blue monitor one of the VLAN's ... exactly how we don't know, none of us ever used the PRO before.
-
What are you guys think and your input on this configuration setup that I’m thinking about?
I have a net gear BR500 as a router switch. If I set the Orbi Pro in AP Mode then all of the traffic gets routed to the BR500 and then Firewalla can monitor everything through it.What I am trying to do is make it where the employees cannot see anything on my Wi-Fi connections and have access so if I buy another Orbi Pro and also put that in AP mode and allow the BR500 to be the router with this set up work?Two Orbi Pros Wi-Fi routers put in AP mode connected directly into the BR500 router and behind that is the Xfinity modem I’m wondering how this set-up would work and if it would work at all by placing the Firewalla in one of the ports of the BR500 router.Wi-Fi password will be different on both of the WiFi, I hope the setup allows me to keep my printer isolated on the Wi-Fi network to the other device and not allow people to stream Chromecast to any of the TVs or monitors. -
Your best solution is the Gold, it essentially replaces the BR500 and it has all the controls you want in router mode. I think if you configured it correctly, one ORBI PRO is enough. The feature you need is the VLAN to SSID mapping. See this as an example https://help.firewalla.com/hc/en-us/articles/360046231493-Firewalla-Gold-Tutorial-Network-Segmentation-Example-with-VLAN
If you don't use the Gold, I think you still can use the BR500 + ORBI Pro (just one orbi) and VLAN's to segment your network + SSID. Here, you need to place a blue on the same network as the VLAN that does the employee control. (I have no experience with this, this is theoretical).
And in case you do want multiple orbi (I think you can do away with cheaper mesh, no need the pro version), you can do as you said, one port on the BR500 per network and plug firewalla into the orbi to control just that network.
-
Yeah, I’m trying to segregate 2 Wi-Fi SSIDs and with the older Orbi Pro as It does not segregate the Wi-Fi as they can see each other and access each other and that’s why I was considering the Firewalla and running two WiFis routers in AP mode into the router BR500. Trying to allow the employees to see each other on one Wi-Fi network and allowing the local Wi-Fi router to stay isolated from employees' WiFi and have the Firewalla Utilize for both Wi-Fi routers into the BR500 seems to be a challenge but, I think maybe it's doable?.
Now, the new Orbi Pro 6 Separate the Wi-Fi SSIDs and the VLN. -
If you go with Firewalla Gold + Orbi Pro 6, if Orbi Pro 6 supports VLAN to SSID mapping, then you can easily build anything you want. It will be exactly like https://help.firewalla.com/hc/en-us/articles/360046231493-Firewalla-Gold-Tutorial-Network-Segmentation-Example-with-VLAN
With BR500 in the picture, you are pretty much limited running the blue for only one segment of your network.
Please sign in to leave a comment.
Comments
9 comments