This article describes, how you can create Private Network Zones (or "PNZ") with the TRIAX EoC system.
Click on the images, to enlarge them.
Note: Private Network Zones is possible from sw2.7.x and requires both "WiFi" and "Local SSIDs and private network zones" licenses installed on the controller.
What is a "Private Network Zone" (PNZ)?
A private network zone (PNZ) is a small closed network, where all connected clients are able to "see" each other. We often refer to private network zone (PNZ) as "Just like home".
One PNZ is completely isolated from other PNZ's, so there will not be any communication between the zones.
Example A:
The picture above shows 6 cabins. Each cabin has its own PNZ hosted on its own EPC. Devices connected to PNZ 1 will not be able to see or communicate with any other client in PNZ 2, 3, 4, 5 or 6.
If visitors in cabin 1 bring their own ie. Chromecast, they can connect this to the TV and they will be able to stream to it - just like home.
Example B:
The picture above shows 2 rooms. Each room has its own PNZ hosted on 1 shared EPC. Devices connected to PNZ 1 will not be able to see or communicate with any other client in PNZ 2.
Note: If this solution is to be used in installations where the site owner (ie. the hotel) installs the Chromecast devices, please read the article on TRIAX Cast.
The endpoints will act as routers in the cabins/rooms. The connected clients will acquire IP addresses from the endpoint and traffic will be forwarded to the controller (the gateway).
Note: Private Network Zones can not be configured on the Media Converter endpoint (EMC)
PNZ can be configured on Endpoint Coax (EPC) and Endpoint Ethernet (EPE). 1 endpoint can host 2-3 PNZ's.
In short, a PNZ is:
- Available for EPC and EPE endpoints.
- Isolated from other PNZ’s.
- Local DHCP server for each zone.
- Routes traffic towards the gateway (the router in the network).
Configuring PNZ
Note: In this example, all unnecessary configuration has been deleted/removed. We will use both 1 and 2 zones on different endpoints
1. In order to install PNZ on the site, you first need to install both "WiFi" and "Local SSIDs and private network zones" licenses.
Acquire the needed licenses and paste the license keys into the "Add new license" box and click "Add".
2. Add the VLAN you will use for the client traffic. This VLAN will be used in all the zones, so you need only to create 1 VLAN for the PNZ use.
3. We add 2 zones because some endpoints will host 2 zones. Remember, the zones will still be separated from each other, traffic-wise!
Note: It is highly recommended to only use IP scopes from the private ranges: Private network - Wikipedia
Note: IP range (zone IP) must be different from the IP range used on the routed VLAN.
4. Add 2 different SSIDs. The parameters work as placeholder/templates. SSID and Password can/will be edited later on the individual zones.
| Parameter | SSID A | SSID B |
|---|---|---|
| SSID | Guest WiFi A | Guest WiFi B |
| VLAN/Zone | Zone A (Clients (200)) | Zone B (Clients (200)) |
| Key | Pass_1234 | Pass_5678 |
5. Set the controller ethernet ports according to your needs.
6. Add ethernet rules, so the RJ45 port either can be disabled or used by the clients. We will add 2 rules, as we did with the SSIDs. Remember to select different zones!
7. Create 2 configuration groups. We need 2 groups because of the ethernet rule. Here you only add "Group SSIDs" and not the zone SSIDs! I have added my MGMT SSID.
8. The last thing we need to do is, to add the EPC or EPE to the configuration group and edit the SSID settings.
8.a First, we change the name and location of the endpoint. Select the Group for the endpoint.
8.b Then we add the PNZ SSID.
8.c At the end, we edit the SSID and key to unique values.
This endpoint will now host 2 unique zones and broadcast 3 SSIDs. The ethernet rule will belong to PNZ B because the endpoint is located in cabin 3.
