Possibility to disable web ui
Hi!
I'm considering to add the EAP225-Outdoor (or omada accesspoints in general) to our network infrastructure. Since I didn't find anything usefull in the freely available documentation, I have two questions.
1) The device appears to have a web ui (in addition to the management/control server). Is it possible to disable access to the UI via WIFI and only allow access to the UI via ethernet?
2) Is it possible to bind the UI to a specific VLAN or is the management UI exposed as UNTAGGED traffic on the ethernet port?
Best regards
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi jw_at,
- No. The EAPs can be operated in either stand-alone mode or in managed mode under control of Omada SDN Controller software, resp. an OC200:
- In stand-alone mode access to the web UI is enabled gloabally, but you can limit access by the MAC address for up to four devices.
- In managed mode access to the EAP's built-in web UI is disabled.
You manage the EAP through the controller, which can reside in another network.
However, to use the built-in Hotspot Portal you would need to grant access to the controller for wireless clients and secure its web UI using a password.
- You can set a »Management VLAN«, yes. This works in both, managed and stand-alone modes.
- Copy Link
- Report Inappropriate Content
Hi jw_at,
- No. The EAPs can be operated in either stand-alone mode or in managed mode under control of Omada SDN Controller software, resp. an OC200:
- In stand-alone mode access to the web UI is enabled gloabally, but you can limit access by the MAC address for up to four devices.
- In managed mode access to the EAP's built-in web UI is disabled.
You manage the EAP through the controller, which can reside in another network.
However, to use the built-in Hotspot Portal you would need to grant access to the controller for wireless clients and secure its web UI using a password.
- You can set a »Management VLAN«, yes. This works in both, managed and stand-alone modes.
- Copy Link
- Report Inappropriate Content
Thanks!
ad 1) hotspot portal) We would like to continue to use our opnsense portal, so if I understand it correctly, I can lockdown the controllers webui in regards of the wifi net work.
- Copy Link
- Report Inappropriate Content
@jw_at, yes, you can continue to use your pfsense portal. We also use our own portal running on the gateway router and place EAPs as well as the controller in an isolated management network, aside from the guest network.
See this post (scroll down to »Method 2«) for a typical network topology and router configuration. You can easily add an isolated management network or use the LAN for the EAPs and the controller. With a separate management network, typical topology is as follows:
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1341
Replies: 3
Voters 0
No one has voted for it yet.