SaFi Bank Space : Safi Office WIFI Network

Network Documentation:

Introduction:

This provides an overview of the network setup to be implemented. Our network has two Internet Service Providers (ISP), PLDT and Globe, which are connected to a Fortinet 61F router. The router is configured for load balancing and failover to ensure continuous internet connectivity.

WAN IP Addresses:

The PLDT ISP has a WAN IP of 58.69.0.214 and the Globe ISP has a WAN IP of 112.198.19.115. Each ISP have 100mbps subscribed Internet Connection Speed.

Core Switch:

The Fortinet 61F router is connected to a Cisco 3750X switch, which acts as the central hub for all network components. This switch is referred to as the Core Switch.

Access Points and Controllers:

Unifi:

The Core Switch is connected to a Unifi cloud key gen2 plus, which acts as the controller for 6 Unifi U6 Pro Access Points (APs).

The Unifi APs provide two Wi-Fi networks, SBNETAP/SFB-JAMF, which is intended for MacBook Air and Pro devices, and SFB-Open, which is intended for mobile devices and guests.

The SBNETAP/SFB-JAMF Wi-Fi network is secured through MAC address whitelisting and content filtering through JAMF Connect.

The SFB-Open Wi-Fi network is open to all users, but its content is filtered through OpenDSN or Cloudflare site filtering.

The SBNETAP/SFB-JAMF Wi-Fi network has an IP range of 192.168.2.0/24, while the SFB-Open Wi-Fi network has an IP range of 192.168.3.0/24.

Mikrotik:

The Core Switch is also connected to a Mikrotik cloud core router, which controls 6 Mikrotik WAP AC access points.

The Mikrotik APs provide a Wi-Fi network, SFB-BU, with an IP range of 192.168.5.0/24.

The SFB-BU Wi-Fi network is secured through WPA encryption and content filtering through JAMF.

Security Overview:

Conclusion:
This document provides a comprehensive overview of the network setup in place, including the WAN IP addresses, the components connected to the Core Switch, and the security measures in place for the different Wi-Fi networks.