Introduction |
We shall now describe how to configure a bintec router in the Rxx02 series as a WLAN controller for the local WLAN infrastructure (bintec W2003ac™ access points) and as the central access gateway in the WAN (Internet) with automatic network setup and firewall for devices in the WLAN and Ethernet LAN.
The GUI™ (Graphical User Interface) is used for configuring.
A company location should be equipped with Ethernet LAN and WLAN used separate by employees and guests:
The computers and other devices of the two user groups should be automatically integrated into the network by DHCP and be able to access the Internet.
Guests should not be able to access the employee intranet.
However, employees ought to be able to access the guests' intranet, for example to be able to securely and quickly share selected documents with an external project partner on the premises within the company.
Access to the network infrastructure should also be limited to system administrators.
Example scenario
The following are required for the configuration:
A Bintec router from the RS series, the RXL series, the be.IP™ or be.IP plus™.
Access points from the bintec W2003ac™ series or bintec WIx0xxn series (e. g. bintec WI1003n™). The minimum number of necessary access points depends on the size and building structure of the company location and can be accurately determined by a prior WLAN radio frequency site survey (see the WLAN Controller introduction for more on this). In our example, we use 5 bintec W2003ac™'s and one bintec WI1003n™.
A boot image with at least version 10.1.9 for the Bintec router
A boot image with at least version 10.1.9 for the access points
Internet access at the company location.
At least one PoE switch for the access points and other switches for the LAN.
Overview of interface configuration on the Bintect router:
en1-0 | System area | IP address 10.0.0.1/24: DHCP server for access points and the WLAN controller interface |
en1-0-1 | Staff WLAN | Virtual interface via en1-0 with VLAN ID 10, IP address 10.0.10.1/24: DHCP server and gateway for the employee WLAN |
en1-0-2 | Guest WLAN | Virtual interface via en1-0 with VLAN ID 20, IP address 10.0.20.1/24: DHCP server and gateway for the employee WLAN |
en1-1 | Staff Ethernet LAN | IP address 10.0.1.1/24: DHCP server and gateway for the employee Ethernet WLAN |
en1-2 | Guest Ethernet LAN | IP address 10.0.2.1/24: DHCP server and gateway for the guest Ethernet WLAN |
en1-4 | WAN | Uplink to the Internet |
Copyright© Version 01/2020 bintec elmeg GmbH |