Creating Priority Order Policy on TransitDuo for External AP via LAN?

Hi Forum Team,

I checked out the video from MobileMustHave about creating a policy on a specific wifi network that uses its own connection priority sequence. I set it up fine for one specific use. However, what I really want to do is set up a similar policy that does not allow my LAN port, which has a Ubiquiti Unifi access point connected, to access “Cellular 1” and only use “Cellular 2”.

The rest of my family uses the AP because it broadcasts well all the way to the back of my RV, while the Pepwave struggles. Cellular 1 is Verizon and 2 is T-Mobile. In the areas I’ve been in lately, T-Mobile is slow and I need the stronger Verizon signal for work. So I’m trying to give my family access to the T-Mobile data via the AP.

Is this possible? If so, how do I make a policy that affects the LAN port?

Thanks all!

A couple of different tactics suggest themselves. In both cases, create a separate VLAN for users to be restricted to using only cellular 2:

  • Create a separate VLAN (let’s call it “TMO”).
  • Create an outbound policy that directs all traffic from source IP addresses on the TMO VLAN to cellular 2.

Then either

  • Make the port that the AP is connected to an access port, and assign it to the TMO VLAN.

or

  • Create a separate SSID on the AP (“TMO Wi-Fi”) and assign it to the TMO VLAN tag. (I am not too familiar with Ubiquiti devices, so I would not know whether that is difficult. With Pepwave APs it is trivial).

The former approach makes the differentiation invisible to the users, the latter makes it a matter of choice when one logs onto the AP.

A more maintenance-rich variant is to not go the VLAN route, but use DHCP to assign specific devices stable (local) IP addresses. Then create outbound policies that direct specific IP addresses (or address ranges) to specific (e.g., the TMO) WANs.

Cheers,

Z
