HSG3 - Single SSID, Single Portal, Multi-VLAN

This sample scenario represents a very large HSG deployment, where you want to offer a seamless user experience across the entire network.

However, due to large size of the network, you may have a single SSID, but mapped to Multi-VLANs at different locations, all sharing the same login portal.

  • Can use any type of AP at LAN side
  • Have dedicated management VLAN for AP management addressing (VLAN1)
  • Single SSID, but mapped to different VLANs at different locations
  • Same portal across all VLANs, and seamless user roaming experience across VLANs

Common use cases

  • Big Hotels
  • Big shopping malls
  • Large tourism places
  • Airports, stadiums, etc.

Deployment steps

  • Connect HSG eth0 (WAN) to Internet (ISP link ONT or modem). NOTE: If you're using 10G ports for LAN and WAN, the port number is different, please consult vendor.
  • Connect HSG eth1 (LAN) to LAN switch
  • Connect HSG eth2 to management PC (configure PC with DHCP, then connect to mbox GUI using http://10.10.10.1, login with mboxadmin/Letthem0ut7&)
  • HSG eth3 is reserved for private LAN. It's pre-configured to issue DHCP IP.
  • Connect AP to LAN PoE switch
      • use default VLAN1 as management VLAN for AP/WLC.
        • AP will be getting DHCP IP from HSG from network 192.168.8.0/22
        • Reserved IP for WLC or other device, range from 192.168.8.2 to 192.168.8.99
      • add all VLANs on switch (VLAN10, 20, 30, 40, 50), configure all switch-ports to be in trunk mode, and permit all VLANs for each port (default)
      • configure AP to broadcast desired SSID and assign AP (eg. at different locations) to different VLANs, by sharing the same SSID
        • HSG default pre-configured VLANs are VLAN10, 20, 30, 40, 50. Auto roaming between VLANs are enabled.
        • please refer to respective vendor doc for configuring AP to map SSID to VLAN

3-Step deployment from sample config

NOTE: please upgrade your box to firmware version 20190606-1500, and above (follow this guide to upgrade firmware)

  1. download Sample config for HSG3-SingleSSID/Portal-MultiVLAN
  2. follow this video guide to deploy HSG by restoring from sample config
  3. follow this video guide to customize landing page and login options and create schedule reports.

NOTE: please make sure the portal name remains as "portal".

Sample config default settings

  • the eth0(WAN) port is pre-configured to get dhcp IP from ISP ONT/modem (or upstream router). If you need to change interface IP/route, please follow this guide.
  • In order to enable auto-roaming between VLANs, seamless relogin is enabled for 1 day. (see details on seamless relogin).
  • syslog server (user access logging) is enabled to collect DNS access logs and storing data up to last 5 days (see more details on DNS logging)
  • user access records are stored up to last 90 days
  • user info (username and profile data) is kept unlimited
  • monthly auto backup is configured, keeping the last 3 backup files (see details on backup & restore)