I can't seem to make this config...any help would be greatly appreciated! Thank you.
I haven't played with WG's Wifi but I'm guessing you won't be able to directly do this. Your going to need to implement SSO and base the Webblocker Profile on an User Group OR have each SSID on it's own network and base the webblocker profile on the network.
I was able to set each SSID to a different VLAN and put each VLAN to a separate policy that I could then add WB to...but I need to allow broadcasting between the VLANs and those appear to be blocked - does anybody know if there is a config to allow broadcasting between VLANs? I think that could be a workaround if possible. Thank you,
NOTE: Also, I was able to "punch a hole" between the VLANs to each VLAN was able to reach resources on the other VLAN...but no broadcast traffic passes. Thanks again,
No - broadcast packets are blocked across routed interfaces which includes VLANs.
What is the need for this broadcast traffic to cross VLANs ?
Bruce, broadcasting across VLANs was an attempt at a workaround...what I really want is different SSIDs on the same LAN/Subnet so I can put different webblocking profiles on them. Thank you,
The broadcast traffic is to find printers and the Savant host (pluswhatever else I have not identified that broadcasts) - this is a corporate installation.
The real solution probably is to have different policies based on IP addrs or on user IDs.
If you have an AD domain, then you can implement SSO, and then use AD groups or AD user IDs on selected policies.
If you don't have an AD domain, you can set up DHCP leases for individual PCs so that you know the IP addrs of those PCs and then you can use the list of IP addr on policies. Creating an Alias which those IP addrs is one of the better ways to implement this