How do I create a guest network in a full Ubiquiti setup with DHCP handled by the DC?

[thecomputerguy]

Normally if I want to get a guest network up and running quickly in a full Ubiquiti setup I'll just create a separate SSID and give it guest policies so that the device connected to the guest network is isolated from the rest of the network. I know technically it should be on it's own VLAN but this has worked fine for me in the past in small applications.

In a Dental office I just did when I enable another SSID with guest policies the clients aren't getting an IP from the DHCP server which is our DC. DHCP is disabled in the USG and is handled completely by the DC.

Setup is USG, Ubiquiti 24P Gigabit, Ubiquiti Cloud Key, Ubiquiti 8P POE Switch, Ubiquiti AP's.

Any help?

 

[YeOldeStonecat]

You'd want the guest network (since it's a dental office) to be properly segmented...(separated) from the production network. So I'd create a guest network...a VLAN for it..and have the USG run DHCP for that.

Keep your compliance that way!.


If you want to toss security aside, and muddle it to touch the server....you can created a new scope on a Windows Servers DHCP..and there is a way to do "dhcp helper/dhcp relay" for a VLAN (defined in Unifi)...so that it points to the DHCP service on the server...basically points to the IP of the server. I have not done this in years, and when I did it..it was before Ubiquiti was even born. Did it in early HP Procurve days with Sonicwalls creaing a multi site VPN. I am sure Unifi can do it. Basically with Windows server ...you can have multiple DHCP Scopes defined in the DHCP server. And there's a way to assign a scope via the DHCP helper/relay part of a VLAN.

Can technically still keep it separate and compliant, but really I'd just create that VLAN for the guest network...and have the USG handle DHCP for that guest VLAN.

 

[Markverhyden]

Are they getting any IP?