If your school uses enterprise WiFi network infrastructure, we recommend adding your BuildFlow servers to a WPA2 Pre-Shared Key secured VLAN. There are many network configuration options available, but use of a WPA2-PSK network will minimise interruptions to your BuildFlow service.
Why a VLAN?
Enterprise networks can be tricky to manage, especially large networks with multiple classes of users and a mixed array of devices connecting over multiple access points. To segregate and control the privileges afforded to connected devices, control user access and ensure compatibility with a broad range of devices (IoT devices, printers, wireless P.A. etc.), it is not uncommon to deploy a virtual local area network (VLAN). You can read more about VLANs here.
By placing these devices on a VLAN, a network administrator:
- Can provide connectivity for users and enterprise devices on the same access point without placing them in the same subnet, segregating access.
- Can enable and broadcast device specific functionality like Bonjour/Zeroconf service discovery browsing domains.
- Can control external domain access at the network level by controlling ports, protocols and domains accessible from the subnet.
- Can assign a unique WiFi SSID and connection details for devices on this VLAN.
By connecting a BuildFlow server to a VLAN via WPA2-PSK WiFi connection:
- You only need to reconfigure your BuildFlow server if your Pre-Shared Key changes.
- You can filter access to BuildFlow’s subdomains per your network access policy for the VLAN.
- You do not require a provisioned wireless encryption certificate or RADIUS distribution service which may be incompatible with headless server devices like the BuildFlow server.
Recommended VLAN configuration
- Best practice suggests that you should not deploy more than 3 VLANs on each network access port to avoid excessive network overhead and routing issues.
- If you don’t currently run a utility VLAN, create one available on all Access Points where BuildFlow servers will be deployed.
- Associate an appropriate associated WiFi SSID (e.g. ’SCHOOLNAME-printers’).
- Set your WiFi network key to WPA2-PSK and create a secure password.
- Turn off SSID-broadcast if you do not want the network to be visible to users.
- Enable VLAN isolation.
- Either disable proxy filtering for your VLAN or enable proxy whitelist for buildflow.online & *.buildflow.online. For more information, visit our article on whitelisting.
- Disable any SSL packet inspection or sniffing services.
- Log into https://buildflow.online, choose configure printer, and choose the “Personal WiFi” option. Follow the prompts to generate a new configuration file and install it on your BuildFlow server(s).
If you can’t use a VLAN
If you already have too many VLANs active, don't have an appropriate VLAN to deploy print server hardware to, don't have a network infrastructure that can support VLANs, or your network administrator has indicated that you should use your regular WiFi username and password to connect; there are other options to connect your BuildFlow server to your network on the Configuring your BuildFlow page.
Didn't find what you what you were looking for? Try using our Troubleshooting Tool!