As the title says i'm in the market for a high-speed AP with support for vlan tagging (802.1q).
Since i've never used vlan before i'm going to explain how I need the network to be, just in case there is something in my setup that will make this impossible.
There's three buildings. G, B and E: This is how i've planned the layout: Since I could not figure out how to view it properly formatted here, i pasted it here: http://pastebin.mozilla.org/2746132
Building G has the internet gateway(netbsd) which should manage the two networks. Users will connect using WIFI to the Private SSID on the AP inside(dlink DAP-1353). Outside is an engenius ENH202 in WDS-AP mode extending the networks to the other buildings.
Building B has another ENH202 in WDS-BRIDGE mode, that is connected to the one in bulding G. This must be connected to an AP(and switch), which should then extend the Private network inside the building. Computers will be connected through ethernet and wifi, so if the switch in the new AP does not support vlan tagging, i'd like to know what type of switch I need.
Building E will only have guest users, so should be completely cut off from the private network, while still being able to use the internet connection from building G. This should not need anything else than the current DAP-1353 set up as a repeater of the Public SSID.
TL;DR: I need an AP with support for vlan tagging (802.1q) on WIFI. The AP must either have a switch that also supports vlan tagging, or I need to buy that as well One more requirement: The AP must support 802.11n with 300MBps
I do not mind using non-official firmware, so DD-WRT or openwrt may be an option.
Thanks in advance!
Have a look at the Buffalo WAPS-APG600H. This access point supports vlan tagging, has two gigabit lan ports (1 PoE), supports 300mbps at both 2.4ghz & 5ghz and can handle multiple SSIDs - each of which can be assigned to unique vlans.
The Draytek AP800 offers a similar spec at a similar price (you need to buy a separate 5ghz dongle for 5ghz operation, which takes it up to the same price as the Buffalo), but I've had real problems getting these to work reliably in a vlan environment. Main problems have been slow DHCP responses and intermittent network connection dropouts. The Draytek works ok as an untagged device connecting into a vlan switch, but you then lose the ability to create multiple SSIDs on dedicated vlans. Also, this access point has 4 fast ethernet lan ports (1 PoE), but I don't think any VLAN tagging occurs on these ports. Documentation is lacking in this area and I haven't bothered to do any packet sniffing to find out exactly what's happening.
If you do need a good (relatively) cheap switch then i would suggest the netgear gs110tp. This is an 8 port gigabit switch that supports PoE on all 8 ports, and also supports VLAN tagging. It isn't a layer 3 switch though, so it won't support inter vlan DHCP broadcasts. You'll either need a separate router for this, or dedicated DHCP servers on each vlan. Or perhaps your internet gateway can do this?