Amplifi HD / Guest Network / IoT device in Guest House

  • Hi, I've been playing with Unifi an it appears a little more complicated to use than I first thought, so am thinking of swtiching to Amplifi. I have a property with a Guest House next door (On separate power ring mains) and the Guest House has a Google Home Speaker in. I of course would like to separate the Guests using the internet from my internet, but can this separate network be linked with the Google Home Speaker that is in the Guest House? I have seen a lot of issues when trying to do this? I know it can be done using the unifi equipment (Modem > USG > Switch > AP's and setting up a VLAN and enabling MulticastDNS Service on the USG but this is way above my IT knowledge in setting up.
    Any advice please?

  • @ian-thompson If you connect the speaker to the guest network, it can be accessed via the primary networks. But a device on the Guest network will not be able to use the speaker on a guest network. Basically devices on the guest network can't see each other.
    Also, if it is an IOT device that operate on 2g only, they can connect to the guest network, but band steering will likely need to be disabled.

  • Thanks but I'm not sure if I 100% follow or if I understand fully.
    So I have my house, with my ISP Router, and will plug the Amplifi HD (Or Instant) Router into the WAN to get the internet. I then place one of the Mesh devices in the Guest House and set up a Guest Network.
    I would like to then connect the Google Home Speaker (Wireless only) to the Guest Network so the Guests can use the speaker. But I do not need to access the Google Home Speaker from my own network? Is this possible, as in all the discussions I've seen so far, and when I tried to connect the Google Home to BT Whole Home Wifi Guest Network it was not possible. Thanks,

  • @ian-thompson said in Amplifi HD / Guest Network / IoT device in Guest House:

    connect the Google Home Speaker (Wireless only) to the Guest Network so the Guests can use the speaker

    This is the portion that is not possible because guest devices cannot see other guest devices.

  • @ui-brett Okay thank you for this.
    This is what I thought, however someone on Amplifi Chat had advised me it was possible, even though I didn't think it was possible. As far as I am aware the only way to do it is with Unifi, setting up/using the USG with a VLAN and enabling MulticastDNS Service.
    0_1568309242969_Amplifi IoT Guest Network.JPG

  • @ui-brett would you happen to have any work around for this? Is there any way of doing this please? The Unifi set up is just a bit beyond me to be honest and I feel if the network was to go down I would struggle to reconfigure it?

  • @ui-brett one more thing sorry. If I had set up a Guest Wifi Network in the Guest House, but someone was to plug an ethernet cable into the LAN port on the back of the Instant Mesh, would they be on the Primary Network or the Guest Network?
    2 reasons I ask. Firstly if they can access Primary Network then it would defeat the object of setting up a Guest Network, I would need to use the HD Mesh system as the satellite units do not have LAN ports.
    Secondly although this is somewhat of a paradox/contradiction, I could hard wire and connect either the Smart TV to the Primary Network if the signal is not strong enough, or hard wire to another Mesh device in an external office (But Guests would still have access to the Primary Network if they unplugged and plugged in themselves)
    Finally, do you think the Mesh Instant would give enough of a signal to the property in this image, or would the HD system be needed? (Primary network is the house on the bottom, Guest Network would be needed above this house) and to the right of the Primary house there will eventually be a wooden office built.

  • @ian-thompson said in Amplifi HD / Guest Network / IoT device in Guest House:

    If I had set up a Guest Wifi Network in the Guest House, but someone was to plug an ethernet cable into the LAN port on the back of the Instant Mesh, would they be on the Primary Network or the Guest Network?

    In this scenario, they would have access to your primary network, so this is something to consider if you use an AmpliFi Instant or AmpliFi HD stand alone router.

    do you think the Mesh Instant would give enough of a signal to the property in this image

    Personally, no I do not think either would be sufficient enough because you are dealing with two external walls which will impede on the wireless signal greatly. And even if it can be connected too, the signal strength and performance would be bismal. UNLESS however you used a wireless bridge (Other Ubiquiti products that are available) to connect the two locations giving you the option for a wired backhaul connection. Or better yet, if there was already an ethernet line ran from one property to another.

    To explain a little more on the previous questions about guest network connectivity with wireless speakers.
    An example I have is that I tested this using a wireless Samsung speaker here in the office. Using the app, it tries to make a connection from your phone and the network it is connected to, to try and give the speaker a connection to the network. When trying to configure it this way using a guest network it fails because there are restrictions placed on a guest network preventing devices from having full communications. If you connect the speaker to the wireless guest network manually, it can connect like most IoT devices because it validates the network credentials and is given an IP address. But once its connected and my phone is connected to the same guest network, the devices cannot be seen by each other using the app.

    This test was not performed with the Google wireless speakers you described in your setup, but the concept is the same. What Myra was explaining is that if you were to connect your speaker to the guest network, other guest network devices could not access it, however a device on your primary network could. This is a relatively new feature we implemented based on user feedback and feature requests.

  • @ian-thompson I have not tried this but I cannot see why it should not work. How about using a second AmpliFi router in your guest house wired to your main one in your own place just to get a source of internet to the guest house (with its own guest wifi) but without anyone actually being able to connect directly to it? You can then use a third party router (I like using the great Gl.iNet small gems) connected to your second router's guest wifi wirelessly and then use the network that your third router creates for your guests, your google speaker and any other devices to be connected to it. The devices should all be able to talk to each other as they are all connected to the same third party router and at the same time get access to the net as the router is connected to your AmpliFi's guest wifi as an internet source only. I hope this makes sense but I was just brainstorming here a bit.

  • @ali-hadi thank you very very much for this suggestion. One reason is I was advised against cabling the two properties together with Ethernet because the 2 properties are on differing ring mains and they have advised this could create issues with earthing/grounding and fire risk with amongst other issues lightning strikes (which are extremely unlikely where we are)
    If I could hard wire between the 2 properties then I would have looked at alternative options.
    I am a little confused as I didn’t think this would have been as complicated or “original” as it first appears. Or so technical to set up. 😀

  • @ui-brett really appreciate all the assistance on this, really I do. I have another question and sorry if this has been answered but I'm trying to explain this to others as to why it's not possible.
    Is this possible - putting the Google Home and Smart TV in the Guest House on the Primary Network via Wifi, and having a secondary SSID for the Guests to access the Internet?
    So, if the Mesh HD works from my house to the Guest House with the Primary SSID, and I then set up a Guest Network ID, would this work? The Guests don't need to control the Google Home via their device that would be on the Guest Network?

  • @ian-thompson Yes that would be possible! If you ran an access point into the guest house, it would generate the guest network in that space allowing your guests to have access to the internet, as well as access for your Google home and smart TV to the primary network.

  • @ui-brett Thanks Brett. So, the Amplifi HD arrived and I tinkered with it a little. The Mesh AP's got a signal across to the Guest House okay, but it was only 1-2 blue dots, and sometimes it went into flashing mode so I don't think this is going to work I'm afraid.
    So it looks like I will look back at the Unifi UAP-AC-LITE in the attic (which put the signal across to the Guest House with enough Signal Strength for what I need) I just now need to work out again if setting up a second SSID for the guests will be secure enough/separate enough from my own network without having to use a USG and US-8-60W Switch and setting VLAN's etc.....
    Thanks again for all your help, much appreciated.

  • Hi @ian-thompson - have you considered a direct wireless bridge link as @UI-Brett suggested above?

    It eliminates the earthing/grounding and fire risk issues with lightning strikes for a physical cable, while providing most all of the benefit (a direct wireless bridge link will have slightly higher latency than a cable)

    This method for linking remote buildings has been used successfully by other members here on the forum, and then you can add the HD Router to the guest house (or the future wooden office) as an Ethernet backhaul access point

    That doesn't solve the issue of guests having physical access to the Ethernet ports if the router is within their reach...

  • @derek-saville hi Derek thanks for this.
    If you are referring to “UNLESS however you used a wireless bridge (Other Ubiquiti products that are available) to connect the two locations giving you the option for a wired backhaul connection.” I am unsure exactly what this refers to or how to do this? Wired backhaul connection I do not know how to set up or understand what to do with this ?
    What I have done today is managed to get a Unifi UAP-AC-LITE to get a signal to the Guest House. For strength of signal I may use a UAP-AC-M I played with to wirelessly uplink between the 2, but then I don’t know how to either set up this wired backhaul connection, nor do I know if simply setting up a separate SSID is enough for the guests to have separation to my network. If not, then I have to go down the USG and potentially cloud key route to set up a VLAN to completely separate the guests (but this may be a more secure set up than I need)
    Any further assistance is as always forever appreciated.

  • @ian-thompson wired backhaul is really just linking your two routers via an ethernet cable. I am by no means an electric expert but I cannot see how an ethernet cable transfering data from one property to another can cause issues with earthing/grounding or fire risk as the electric current in these is minuscule. I have one burried under the garden and then to the shed with no issues whatsoever.

  • Hi @ian-thompson - here is a short thread about doing something similar: Multiple Mesh Routers and a Nano AC connection...

    And @UI-Brett (please correct me if I am wrong Brett) has advised that a pair of NanoStation 5AC's are an "Excellent solution for a simple PtP bridge" (in the words of Ubiquiti)

    You can view the product page here: NanoStation AC

    This is essentially a virtual Ethernet cable (wireless point-to-point link) for when you do not want to, or cannot install a physical Ethernet cable between two locations

    They are managed with their own app, separately from the AmpliFi network

    I haven't had to use one myself, so I cannot comment on experience...just pass along the option since others on this forum have done similar setups

    You can probably find out a lot more information on the Ubiquiti Community Forums and they are very good about answering questions there

  • Hi @ali-hadi - I personally have also buried long runs of Ethernet cable in conduit pipe, but if the two buildings are on separate main power lines as described above, this would normally be against building codes in most areas since, even if you use Ethernet Surge Protectors, you are now also electrically connecting 2 separate grounds together, which can cause other problems and risks, so it is generally better (and legal) to keep the buildings electrically isolated

    If both buildings were using one main power line, thus having a common ground, then a buried Ethernet cable would definitely be the way to go unless there are other physical limitations (like distance), barriers or considerations

  • @derek-saville you are truly a fountain of knowledge. Thank you again for your explanation.