OK, I'm wading into this bridging and VLAN stuff, so let me try to explain what I'm trying to do... Maybe it's not possible with the Ubiquiti AirGateway.
I have a Ubiquiti NanoStation connected to the POE port (LAN0) of the AG. I would like for the NS to provide DHCP services to the wireless WLAN0 port. At a minimum, I would also like to be able to access the AG management through the AG LAN port (LAN1). I do not want AG management to be possible on the mesh.
I put the network into Bridge mode, and removed LAN1 from the bridge group that it defaults to - LAN0/WAN0/LAN1. Bridge mode successfully acts as a pass through between the NanoStation and any wireless client such as my MacBook Pro (it doesn't work with a Raspberry Pi, but I'm not sure it likes the AG encryption scheme.. That's a separate problem). However, I configured the management interface to utilize the LAN1 port, both in DHCP and fixed IP modes, and I'm not able to access it with a wired client on LAN1. DHCP does not provide an IP to the client, and in fixed mode, I'm not sure what IP address the AG is at - certainly not the one listed under management.
Is what I'm trying to do possible? I hate to go back to the TP-Link router as it's much bigger and more cumbersome for portable installations. However, the RPi does work with the wireless port of the TP-Link router and the IP addresses are assigned by the NanoStation.
Thanks,
Dave K3GX
I have a Ubiquiti NanoStation connected to the POE port (LAN0) of the AG. I would like for the NS to provide DHCP services to the wireless WLAN0 port. At a minimum, I would also like to be able to access the AG management through the AG LAN port (LAN1). I do not want AG management to be possible on the mesh.
I put the network into Bridge mode, and removed LAN1 from the bridge group that it defaults to - LAN0/WAN0/LAN1. Bridge mode successfully acts as a pass through between the NanoStation and any wireless client such as my MacBook Pro (it doesn't work with a Raspberry Pi, but I'm not sure it likes the AG encryption scheme.. That's a separate problem). However, I configured the management interface to utilize the LAN1 port, both in DHCP and fixed IP modes, and I'm not able to access it with a wired client on LAN1. DHCP does not provide an IP to the client, and in fixed mode, I'm not sure what IP address the AG is at - certainly not the one listed under management.
Is what I'm trying to do possible? I hate to go back to the TP-Link router as it's much bigger and more cumbersome for portable installations. However, the RPi does work with the wireless port of the TP-Link router and the IP addresses are assigned by the NanoStation.
Thanks,
Dave K3GX
I don’t have my airGateway in a spot to verify some of the finer details of this but going from memory:
The fact LAN1 is taken out of the bridge means it no longer has access to the DHCP server because DHCP isn’t bridged anymore, this impacts both your laptop and the AirGateway. As I additionally recall the onboard AirOs DHCP is also disabled in bridge mode. This means you would want to set the management IP address on the AirGateway to a static. You would than need to set your laptop IP manually to the same subnet as the AirGateway and use the configured static IP address to manage the device.
Another option might be to use the AirGateway firewall to restrict access to only allow hosts in the local subnet to access the AirGateway but it still has a full blown IP address in th local subnet of the mesh node.
Another option is you could also just run the mesh node in NAT mode which prevents access from the mesh side but are accessible locally.