davidnelson.net

Category: Wi-Fi

  • Ubiquiti UniFi Access Points with VLANs on Juniper EX switches

    It is assumed that you already have VLANs configured on your switch and router. This post only describes how to configure the ports that your APs connect to.

    If you want to use VLANs on Ubiquiti’s UniFi line of access points, the switch ports they connect to must offer a native or untagged VLAN in addition to being a trunk port.

    On Juniper EX switches this is accomplished by setting interface-mode to trunk, but also specifying a native-vlan-id.

    Your APs get an IP address on the native VLAN, and that becomes the network that is used to manage them.

    Below is the configuration I use for the ports my APs live on. I’m using an interface range to ensure all my AP ports are set up exactly the same, but you could also put this config directly on each interface:

    # show interfaces interface-range unifi  
member ge-1/0/1;
member ge-1/0/2;
member ge-0/0/11;
description "Ubiquiti UniFi access points";
native-vlan-id 1;
unit 0 {
    family ethernet-switching {
        interface-mode trunk;
        vlan {
            members [ client iot ];
        }
    }
}

  • Yosemite Captive Portal Fix

    A number of Yosemite Macs are having problems with our organization’s Wi-Fi captive portal.

    If you don’t first sign in via the window presented by Captive Network Assistant, the system appears to have zero network connectivity. You can’t ping anything, you can’t perform DNS lookups, etc. It’s as if the OS is actively blocking all attempted connectivity until it knows you have succeeded in authenticating.

    Consequently, Browsers throw errors instead of presenting our captive portal page. This is a big problem, since in many cases the Captive Network Assistant app was previously disabled or deleted!

    I found I could whitelist our network so that it lets applications try connecting even if the Captive Network Assistant has not yet been placated.

    Just copy the command below, replacing NAMEOFNETWORK with the SSID of your captive portal network. A reboot may be necessary, but it may also be enough to simply switch Wi-Fi off and on again.

    sudo /usr/libexec/PlistBuddy -c "Add ScrapingParameters:DisabledRealms:0 string @NAMEOFNETWORK" /Library/Preferences/SystemConfiguration/CaptiveNetworkSupport/Settings.plist