cancel
Showing results for 
Search instead for 
Did you mean: 

TG585 v8 mSSIDs to limit gues wifi access to private network?

LFNfan
Dabbler
Posts: 15
Registered: ‎08-08-2013

TG585 v8 mSSIDs to limit gues wifi access to private network?

Hi
I have seen a guide here http://npr.me.uk/mssid.html for adding a second wireless SSID to my TG585 v8.
Could a second SSID use a different subnet than my private lan, for house guests to use?
Many thanks
Paul
11 REPLIES 11
npr
Pro
Posts: 1,898
Thanks: 119
Fixes: 9
Registered: ‎21-01-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

If you're looking to keep guests from your LAN then see the advanced DMZ page and use just the wireless options there.
I don't know if TG585v8 supports multiple SSID, I know the v7 doesn't.
LFNfan
Dabbler
Posts: 15
Registered: ‎08-08-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

npr, of npr.me.uk!  Hello, and thx for your response.
v8 does support mssid's, so I have started working through your Advanced DMZ http://npr.me.uk/advdmz.html, but the first telnet cmd doesn't give anything back:
wireless mssid ifadd ssid=MyDMZ

so I'm struggling a bit.
I got this:
{dom}=>:wireless mssid iflist
ssid 0 : PNW                                        [UP] Security: WPA-PSK
ssid 1 : DMZ                                        [DOWN] Security: Disabled
which makes me think the DMZ SSID is '1'.
But for the ethernet port name I'm struggling.... 'ethif1' 'ethport1' 'wlif1' and 'w1_ssid1_local0' all bomb..Any pointers much appreciated.
{dom}=>eth bridge list
--------------------------------------
bridge configuration for "bridge" :
OBC      : dest : Internal
            Connection State: connected  Retry: 10
            Priority Tagging: Disabled
            Port: OBC            PortNr: 0          PortState: forwarding  Interface: up
            Multicast filter: disabled              Dynamic VLAN    : disabled
            WAN            : enabled
            IGMP snooping  : enabled
            Transparent Prio: disabled
            BPDU Filtering  : disabled
            Extra Tagging  : none
            VLAN: Default VLAN: default  Ingressfiltering: disabled  Acceptvlanonly: disabled
            VLAN: Priority: disabled  IP Prec: disabled  Priority: 0  Regeneration table: 0 1 2 3 4 5 6 7
            RX bytes: 61672      frames: 0
            TX bytes: 9117      frames: 0            dropframes: 0
ethport1  : dest : ethif1
            Connection State: connected  Retry: 10
            Priority Tagging: NA (destination switch interface)
            Port: ethport1      PortNr: 1          PortState: forwarding  Interface: up
            Multicast filter: disabled              Dynamic VLAN    : disabled
            WAN            : disabled
            IGMP snooping  : enabled
            Transparent Prio: disabled
            BPDU Filtering  : disabled
            Extra Tagging  : none
            VLAN: Default VLAN: default  Ingressfiltering: disabled  Acceptvlanonly: disabled
            VLAN: Priority: disabled  IP Prec: disabled  Priority: 0  Regeneration table: 0 1 2 3 4 5 6 7
            RX bytes: 61672      frames: 0
            TX bytes: 9117      frames: 0            dropframes: 0
ethport2  : dest : ethif2
            Connection State: connected  Retry: 10
            Priority Tagging: NA (destination switch interface)
            Port: ethport2      PortNr: 2          PortState: forwarding  Interface: down
            Multicast filter: disabled              Dynamic VLAN    : disabled
            WAN            : disabled
            IGMP snooping  : enabled
            Transparent Prio: disabled
            BPDU Filtering  : disabled
            Extra Tagging  : none
            VLAN: Default VLAN: default  Ingressfiltering: disabled  Acceptvlanonly: disabled
            VLAN: Priority: disabled  IP Prec: disabled  Priority: 0  Regeneration table: 0 1 2 3 4 5 6 7
            RX bytes: 0          frames: 0
            TX bytes: 0          frames: 0            dropframes: 0
ethport3  : dest : ethif3
            Connection State: connected  Retry: 10
            Priority Tagging: NA (destination switch interface)
            Port: ethport3      PortNr: 3          PortState: forwarding  Interface: down
            Multicast filter: disabled              Dynamic VLAN    : disabled
            WAN            : disabled
            IGMP snooping  : enabled
            Transparent Prio: disabled
            BPDU Filtering  : disabled
            Extra Tagging  : none
            VLAN: Default VLAN: default  Ingressfiltering: disabled  Acceptvlanonly: disabled
            VLAN: Priority: disabled  IP Prec: disabled  Priority: 0  Regeneration table: 0 1 2 3 4 5 6 7
            RX bytes: 0          frames: 0
            TX bytes: 0          frames: 0            dropframes: 0
ethport4  : dest : ethif4
            Connection State: connected  Retry: 10
            Priority Tagging: NA (destination switch interface)
            Port: ethport4      PortNr: 4          PortState: forwarding  Interface: down
            Multicast filter: disabled              Dynamic VLAN    : disabled
            WAN            : disabled
            IGMP snooping  : enabled
            Transparent Prio: disabled
            BPDU Filtering  : disabled
            Extra Tagging  : none
            VLAN: Default VLAN: default  Ingressfiltering: disabled  Acceptvlanonly: disabled
            VLAN: Priority: disabled  IP Prec: disabled  Priority: 0  Regeneration table: 0 1 2 3 4 5 6 7
            RX bytes: 0          frames: 0
            TX bytes: 0          frames: 0            dropframes: 0
virt      : dest : ethif5
            Connection State: connected  Retry: 10
            Priority Tagging: NA (destination switch interface)
            Port: ethport5      PortNr: 5          PortState: forwarding  Interface: up
            Multicast filter: disabled              Dynamic VLAN    : disabled
            WAN            : disabled
            IGMP snooping  : enabled
            Transparent Prio: disabled
            BPDU Filtering  : disabled
            Extra Tagging  : none
            VLAN: Default VLAN: default  Ingressfiltering: disabled  Acceptvlanonly: disabled
            VLAN: Priority: disabled  IP Prec: disabled  Priority: 0  Regeneration table: 0 1 2 3 4 5 6 7
            RX bytes: 0          frames: 0
            TX bytes: 7815601    frames: 108393      dropframes: 0
WLAN      : dest : wlif1
            Connection State: connected  Retry: 10
            Priority Tagging: Disabled
            Port: ethport6      PortNr: 6          PortState: forwarding  Interface: up
            Multicast filter: disabled              Dynamic VLAN    : disabled
            WAN            : disabled
            IGMP snooping  : enabled
            Transparent Prio: disabled
            BPDU Filtering  : disabled
            Extra Tagging  : none
            VLAN: Default VLAN: default  Ingressfiltering: disabled  Acceptvlanonly: disabled
            VLAN: Priority: disabled  IP Prec: disabled  Priority: 0  Regeneration table: 0 1 2 3 4 5 6 7
            RX bytes: 952065    frames: 8103
            TX bytes: 13936432  frames: 116752      dropframes: 0

{dom}=>:eth bridge ifadd intf=Wdmz dest=wl_ssid1_local0 logging=d
Invalid interface name.
Bad value for parameter 'dest'
Illegal option.
Unknown command.

{dom}=>eth device iflist
Interface      Type            Result          State
ethif1          auto            100BaseTFD      UP [forwarding]
ethif2          auto            Not connected  UP [forwarding]
ethif3          auto            Not connected  UP [forwarding]
ethif4          auto            Not connected  UP [forwarding]
ethif5                                                          UP [forwarding]
wlif1                                                            UP [forwarding]
wl_ssid1_local0                                      UP [forwarding]

{dom}=>:eth bridge ifadd intf=Wdmz dest=wlif1 logging=disabled
Invalid interface name.
Bad value for parameter 'dest'
Illegal option.
Unknown command.

{dom}=>:eth bridge ifadd intf=Wdmz dest=ethif1 logging=disabled
Invalid interface name.
Bad value for parameter 'dest'
Illegal option.
Unknown command.
npr
Pro
Posts: 1,898
Thanks: 119
Fixes: 9
Registered: ‎21-01-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

Hi,
It does look like the new SSID is called DMZ and has the ssid_id of 1
I suggest you delete that and start again, you will need the response from the command to identify the ethernet port name.
The command to delete DMZ is:
wireless mssid ifdelete ssid_id=1
May be a good idea to backup the settings first Wink
If you could then re-issue the following command and post the response, I'll see if I can talk you through. Bear in mind it's a couple of years since I wrote those instructions so I am a bit rusty.
wireless mssid ifadd ssid=MyDMZ
Note:
The O2 technicolor routers have the option in the GUI to create a private guest wireless station. I've been intending to check out the command used in the O2 router to see if it's a easier method -- I'll see if I can do that for this weekend.
LFNfan
Dabbler
Posts: 15
Registered: ‎08-08-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

This is much appreciated.
I will reissue the command and see what happens, although I didn't get a peep after I issued the cmd the first time. Should / could I add a verbosity argument to the command, or environment, if there is such a thing?
Cheers
Paul
LFNfan
Dabbler
Posts: 15
Registered: ‎08-08-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

{dom}=>wireless mssid ifdelete ssid_id=1
{dom}=>wireless mssid ifadd ssid=MyDMZ    :( Nothing !!
{dom}=>:wireless mssid ifdelete ssid_id=1
{dom}=>wireless mssid ifdelete ssid_id=1
Problem occured during deleting ssid(1)
{dom}=>:wireless mssid ifadd ssid=MyDMZ verbose=1
Invalid option => verbose
{dom}=>
npr
Pro
Posts: 1,898
Thanks: 119
Fixes: 9
Registered: ‎21-01-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

Try:
wireless mssid ifadd ssid=MyDMZ radio_id=0
wireless mssid iflist
And post the result please.
I've looked at the cli commands for the O2 method of creating a guest wireless. It's the same as my method only using the default vlan so it's not a great deal simpler.
LFNfan
Dabbler
Posts: 15
Registered: ‎08-08-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

{dom}=>wireless mssid ifadd ssid=MyDMZ radio_id=0
Invalid option => radio_id

It's not playing nicely.
npr
Pro
Posts: 1,898
Thanks: 119
Fixes: 9
Registered: ‎21-01-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

I can only assume the basic commands like "wireless mssid" are accepted by the TG585v8 but some parameters like "radio_id are not accepted.
Likewise with the response not being given, so in place of "wl_ssid1_local0" assume it's ""wl_ssid1" and try from there.
To help you get the commands and parameters correct I would enter them using the menu commands, that will give some guidance -- not a lot but better than nothing.
Sorry I'm not being more help but without a TG585v8 I can only guess what the commands / parameters are. I can't even find a document listing the cli commands.
If you do wish to get a cli list I'm sure Alex, at modem-help, would be willing to produce one.
For details see:
http://forums.modem-help.co.uk/viewtopic.php?t=9728&sid=fe35dc9780da6f27f8ec47af2a574cfd
LFNfan
Dabbler
Posts: 15
Registered: ‎08-08-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

Thanks npr, you're being a great help.
I will try wl_sdid1, and if no joy, will see if I can get a definitive list of cli commands with Alex's assistance.
How does one use menu commands to enter cli commands?
npr
Pro
Posts: 1,898
Thanks: 119
Fixes: 9
Registered: ‎21-01-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

Just type "menu" (without quotes) in the telnet window and all should be obvious.
Good luck and please let us know how you get on.
LFNfan
Dabbler
Posts: 15
Registered: ‎08-08-2013

Re: TG585 v8 mSSIDs to limit gues wifi access to private network?

'menu' takes a bit of getting used to...!
well, this is not conclusive, but I seem to have been able to create the wireless station successfully.  I haven't attempted to attach the station to the dmz vlan as I have changed tack somewhat with my 'guest wifi access' plans:
I now have two physical TG585v8 routers, and plan to have a 'physical' dmz lan for guests to access, and a private lan behind a second physical router.
Some technical problems getting that to work, but it's the subject of a separate thread, I think.
Thanks for your help npr.