 Tom here from Lawrence Systems, and we're going to talk about wireless and VLANs. Any large corporate or enterprise network nowadays, pretty much all have wireless within them, and how do you deal with setting up VLANs? Even small home users are doing this very frequently now, because they want to separate different things, and I've done a lot of videos on how to separate different devices onto separate networks. But how do you do it with one wireless device? We're going to dive into that. If you want to learn more about me or my company, however, to LawrenceSystems.com, where you can hire us if you'd like to hire us for a project, or just read up about us and what we do. If you want to support the channel in a ways, there are affiliate links down below for products and services that we talk about, and can get you some deals and discounts and help out the channel. So in my hand is a Unify Nano HD by Ubiquiti. I chose this because, well, it's in stock, and I have a bunch of them, and I've done a lot of Unify videos. But we're not going to talk specifically about only Unify, or we're going to talk in general about VLANs and networking. So this is kind of sort of a part two. If you're not familiar with VLANs and networking, I did a whole video on managed, on managed switches, VLAN, and layer three routing to kind of give an overview of how that works. But of course, people said, what about the wireless? Well, I want to do that as a separate video because I know it's a specific question people just want to jump into. So the prerequisite for this is not necessarily that you have watched my previous video that I just did, which I will link to, but it's more that you have an understanding of how those things work together. This is very much a prerequisite because some people don't understand what a VLAN is. If you don't understand what a VLAN is, configuring on the wireless is going to be a bit more challenging for you. This diagram I used just the other day in that video, and it's pretty much the same thing here. We have the VLAN1 native, VLAN1337, and VLAN69. And when you add a wireless into the mix, same rules apply. Wireless is just a different medium for connecting, but operates much the same way as a switch. So you have to have a, and I do in my hand this Nano HD, a wireless access point that is VLAN aware. That is a first prerequisite. And the next one is, and we have all of our VLANs to find in our firewall here in this diagram, and it goes all traffic as in the trunk port, handoff to manage switch, handoff to manage switch, handoff to manage switch. And then when you hand it off to the wireless access points, you want to send all the traffic, VLANs and everything over to the wireless access point. Now, I'm not going to get into the finer details. Someone will say, well, wouldn't you only hand off only the VLANs that you're in there? Yes, if you want to get into the finer details, yes, you probably would only want to pass over traffic to help minimize things. So you're only seeing the VLANs. But for simplicity, we're going to say all because this particular network only has a couple of VLANs on it in our demo here. And we're going to assume we're going to be using those particular networks on here. So just like other Switch, when we pass all and we open our port up with all traffic, the native VLAN comes through and we end up with 192.168.3.18. So that is a network native. But then when we take the VLAN tag 1337 and split it off and we have a wireless access point that can do this, we end up with the devices getting the VLAN ID of 1337 and the IP address of 10.13.37.104. Just like we have here in a demo. We're going to get into a little bit more technical in a second. Also important to note, if you are connecting another wireless AP to another wireless AP, either by bridging or meshing or whichever is supported in a device that you're using, you also have to make sure provided it has an option for this that you're bridging all the traffic over there. So when they bridge, you have to make sure that they're doing this, especially when you're doing two different models that that native traffic is carrying over. Now, the challenge comes in. A lot of people have these older access points or non-VLAN aware ones. And for those to work with VLANs is not possible. They're just throwing it out there. This question comes up, can I use my old, you know, insert name of consumer device here that's an old access point? And if it does not have the ability to understand VLANs, it's not going to work. The only thing you can really do with those is, for example, if you trunked out a port and say, hey, I want this port to only be 1337, and then you pass it along to that access point. And it just rebroadcasts, you know, basically changing the link medium from wired to wireless with, you know, obviously if you want to have password on that or not for WPA, WP2, or however you're authenticating it, it's passing that piece of information along. But that device ends up living in that network. For example, of our wireless APs. They're wireless APs because of the way they're configured. They're going to get an IP address with the native VLAN ID and then pass over basically the same way a switch does, you know, trim out that port so it only has VLAN tag and this is going to be tied to a specific SSID. And I'm going to show you how it happens in Unify. But like I said, this can apply to a lot of other devices. So we have our Unify here. And here are the two different Wi-FIs. Do we have Wi-Fi? And that is on native. And that's actually what my laptop is connected to right now. So if you look at, do we have Wi-Fi, WP personal network access? Everything's pretty much at default. Nothing special here. It just has a password on it. So no big deal there. Go over here into the terminal. Actually clear and then right here. So we're connected to that and it's 192.168.3.18. And if we go here, just to prove it's connected, do we have Wi-Fi? All right. What happens when we select a different network? Let's say Ponage and stuff. So we'll connect to that network. Go to the IP address, 10-1337-104. Go back over to our diagram real quick. 10-1337-104. This represents my laptop connected to VLAN ID 1337. And we called it Ponage and stuff. How did we do that? Well, in Unify they make it pretty easy. So we're on Ponage and stuff, the group default clients. But this is what's different between these two. So it's one physical access point broadcasting out. And by the way, if you aren't familiar with the Unify, I have plenty of videos on this particular topic. Unify will broadcast this out to all the APs in this particular group. Like I said, it goes out of scope. But we have the Wi-Fi password. But then we have down here, VLAN ID 1337. This is where the VLAN gets put in. Is it side provided you have a VLAN aware Wi-Fi access point? You put the VLAN ID and tie it to the SSD. So let's create another one real quick. So we're going to go and create a new network. Wi-Fi network with name. This is VLAN, I'll spell it out, 69. There we go. All right, WP personal. I guess we'll put personal. We'll just set a password of 12345678. There we go. Make it something really simple. We're not worried about any policies. You can apply guest policies. That's going to be dependent on the different Wi-Fi, et cetera. Now we need to put in the VLAN ID. VLAN ID for this is going to be 69. Really simple. So we put in VLAN ID 69. Done. All right, so the system is provisioned. Takes a minute, pushes out the settings. And now you can see we have the ponage and stuff at 1337. And this is VLAN 69 with VLAN 69. And I set the password to 12345678. So let's go ahead and select Network and connect to it. This is VLAN 69. Connect. All right, we are connected to it. And go back over here to our terminal. And you can see 172.69.124. So pretty straightforward. Once you tag the VLAN. So this one wire coming to this one access point, we pull all the VLANs, send them over to here, and then in the programming within this controlled by the unified control plane, that particular software, it now separates SSID called this is VLAN 69, tagged VLAN 69, strips that tag off of this one wire coming in, and now we actually have three separate networks running on here. VLAN 69, the ponage network, and the do we have Wi-Fi. So if you have any questions, comments, or concerns, head over to our forums where we can discuss this. Hopefully this was a clarification and solved some problems. We've certainly had a lot of troubleshooting for people who have simply made a few mistakes and not completely are clear on VLANs, and they try to assign it at the switch level. And by the way, these don't need to be defined in the switch. This particular switch, in matter of fact, you don't even need to define the VLANs in this particular Unify instance. They only have to be defined on the tag and of course whatever their source is. In this particular case, it's a PF sense at the head end, doing all the routing, defining the VLANs, and then sending it all the way down. If you're not familiar with VLANs and managed switches, like I said, I have another video that I'll link to down below, but this is how you program the VLANs. And like I said, my demo here was with the Unify, but this still applies to whichever device you are using, where you make sure you're sending all the data over there. All right, and thanks. Oh, and for those wondering about do we have Wi-Fi, why it's called that, there is an upcoming video about putting Wi-Fi in a library that I'll be making, so that's a joke reference to it. Thanks. And thank you for making it to the end of the video. If you liked this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button and hit the bell icon to like YouTube to notify you when new videos come out. If you'd like to hire us, head over to laurancesystems.com, fill out our contact page, and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.laurancesystems.com, where we can carry on the discussion about this video, other videos, or other tech topics in general, even suggestions for new videos, they're accepted right there on our forums, which are free. Also, if you'd like to help the channel in other ways, head over to our affiliate page. We have a great tech offers for you. And once again, thanks for watching and see you next time.