If your organisation uses an enterprise WiFi network infrastructure, we recommend adding your BuildBee CloudDock to a WPA2 Pre-Shared Key secured VLAN. There are many network configuration options available, but use of a WPA2-PSK network will minimise interruptions to your BuildBee service.
Why a VLAN?
Enterprise networks can be tricky to manage, especially large networks with multiple classes of users and a mixed array of devices connecting over multiple access points. To segregate and control the privileges afforded to connected devices, control user access and ensure compatibility with a broad range of devices (IoT devices, printers, wireless P.A. etc.), it is not uncommon to deploy a virtual local area network (VLAN). You can read more about VLANs here.
By placing these devices on a VLAN, a network administrator:
- Can provide connectivity for users and enterprise devices on the same access point without placing them in the same subnet, segregating access.
- Can enable and broadcast device-specific functionality like Bonjour/Zeroconf service discovery browsing domains.
- Can control external domain access at the network level by controlling ports, protocols and domains accessible from the subnet.
- Can assign a unique WiFi SSID and connection details for devices on this VLAN.
By connecting a BuildBee CloudDock to a VLAN via WPA2-PSK WiFi connection:
- You only need to reconfigure your BuildBee CloudDock if your Pre-Shared Key changes.
- You can filter access to BuildBee’s subdomains per your network access policy for the VLAN.
- You do not require a provisioned wireless encryption certificate or RADIUS distribution service which may be incompatible with headless server devices like the BuildBee CloudDock.
Recommended VLAN configuration
Best practice suggests that you should not deploy more than 3 VLANs on each network access port to avoid excessive network overhead and routing issues.
Step 1 - Create a VLAN
- If you don’t currently run a utility VLAN, create one available on all Access Points where BuildBee CloudDocks will be deployed.
- Associate an appropriate associated WiFi SSID (e.g. ’SCHOOLNAME-printers’).
- Set your WiFi network key to WPA2-PSK and create a secure password.
- Turn off SSID-broadcast if you do not want the network to be visible to users.
- Enable VLAN isolation.
- Either disable proxy filtering for your VLAN
or enable proxy whitelist for buildbee.com & *.buildbee.com. For more information, visit our article on
whitelisting.
- Disable any SSL packet inspection or sniffing services.
- Log in to
https://app.buildbee.com/
If you can’t use a VLAN
If you already have too many VLANs active, don't have an appropriate VLAN to deploy BuildBee hardware to, don't have a network infrastructure that can support VLANs, or your network administrator has indicated that you should use your regular WiFi username and password to connect; there are other options to connect your BuildBee CloudDock to your network on the Configuring your BuildBee page.