TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-02-19 15:38:34
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.0.0 Build 20200930 Rel.36519

Our TV settop boxes require an (external) WAN DHCP assigned IP-address. So was trying to get this working straight from the TL-R605 by creating a VLAN that uses the WAN DHCP. But it's not possible, I think? (Also, why can't I assign port profiles to the TL-R605 ports and configure them as my other omada switches?)

 

I was hoping to configure the following on my OC-200:

 

- Modem to TL-R605 WAN-Port (Dynamic IP)

- Set up a new LAN VLAN interface (example: 10) that uses the WAN DHCP instead of the R605 or any other local network DHCP server (But it is not possible to have a VLAN use the WAN DHCP. )

- Set up a new LAN VLAN interface (example: 20) for all local network devices, using the TL-R605 DHCP server

- Create a Port Profile "Only-10" that only allows VLAN 10

- Create a Port Profile "Only-20" that only allows VLAN 20

- Create a Port Profile "10+20" that allows VLAN 10 and 20

- Assign Port profile "10+20" to WAN/LAN port 2 on the TL-R605 (but I can't seem to find where to assign a port profile for the R605 ports in the Omada Controller?)

- Assign Port profile "10+20" to Port 1 of TL-SG2008P switch

- Assign Port Profile "Only-10" to port 2 of TL-SG2008P switch (so the device connected to that port gets an external WAN DHCP IP and cannot access the local network)

- Assign Port Profile "Only-20" to port 3 of TL-SG2008P switch (so the device connected to this port gets an IP from the TL-R605 and has access to the local network

 

The reason for the above config would be to save a few ports.

I currently created the following workaround but I'm unsure if it's ok interVLAN-wise/security-wise (isolate? Spanning tree? Are the CLANs tagged/untagged correctly?):

- Modem to SG2008P#1 port 1 (Port profile only-10)

- SG2008P#1 port 2 (Port profile only-10) to TL-R605 WAN for internet access for the LAN network

- SG2008P#1 port 3 (Port profile only-20) to TL-R605 Port 2 (Cannot assign a port profile in Omada controller for the TL-R605?)

- SG2008P#1 port 4 (Port profile 10+20) to SG2008P#2 Port 1 (Port Profile 10+20)

- SG2008P#2 port 2 (Port profile only-10) to settop box 1 to have a WAN DHCP assigned IP

- SG2008P#2 port 3-8 (Port profile only-20) for all local devices to have TL-R605 DHCP IP's

 

I can currently see other devices connected to my modem, so it's fair to say alle those devices can see my local network too? I don't think my workaround is shielding off my local network enough?

 

I'm open to suggestions/remarks.

 

And not sure if something like passing through WAN DHCP over well-configured LAN VLAN's can be a future option in the software or not (or even possible network/security-wise)?

 

 

 

 

 

 

 

 

 

 

 

 

TL-R605 | OC200 | TL-SG2008P | EAP660 HD
  0      
  0      
#1
Options
10 Reply
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-02-19 23:40:44

When I want to tighten up security a bit and set up ACL for my workaround (so my "WAN" VLAN 10 cannot access any other VLAN/Interface and vice versa), I can only do so for Interface networks, not VLANS? Can this be made possible?

 

 

 

 

TL-R605 | OC200 | TL-SG2008P | EAP660 HD
  0  
  0  
#2
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-02-25 17:38:22 - last edited 2021-02-25 17:41:36

It's very quiet here in my little thread

For the moment I've abandoned my efforts to use the WAN DHCP for a certain VLAN, and I'm trying to replicate my current network setup (simple Netgear managed switches that allow me to mix WAN and LAN DHCP) with my new TP-Link hardware but I'm running into the issue of not being able to assign/tag/trunk multiple VLAN's on one port

 

As a reference, my current (working!) switch config that I want to replace with my TP-Link gear:

VLAN 10: WAN DHCP

VLAN 20: Router DHCP

(VLAN1: admin)

 

From Port VLAN PVID

Tagged/ Untagged

To Port VLAN PVID Tagged/ Untagged Comment
Modem   N/A N/A N/A Switch 1 Port 1 10 10 Untagged 10  
Switch 1 Port 2 10 10 Untagged 10 Router WAN N/A N/A N/A Router WAN receives DHCP IP from modem!
Router LAN 1 N/A N/A N/A Switch 1 Port 4 10 + 20 20 Untagged 20  
Switch 1 Port 3 10 + 20 10 Tagged 10 + 20 Switch 2 Port 1

10 + 20

10 Tagged 10 + 20  
Switch 2 Port 2 10 10 Untagged 10 TV Settop box N/A N/A N/A N/A Device receives DHCP IP from Modem!
Switch 2 Port 3-7 20 20 Untagged 20           Devices on these ports get IP from LAN DHCP
Switch 1 Port 5-7 20 20 Untagged 20           Devices on these ports get IP from LAN DHCP

 

 

Some additional info on these simple managed switches for reference:

Switch 1:

 

Switch 2:

 

 

I'd still like to see a solution where I can just say for a VLAN to use the WAN DHCP. it would save me some switchports!

TL-R605 | OC200 | TL-SG2008P | EAP660 HD
  0  
  0  
#3
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 12:22:15

@TimoLimo 

 

Hi,

 

Did you recieve any feedback from TP-Link on this? setting port profiles on router level should be added.

  0  
  0  
#4
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 12:54:34

@ikbendion 

 

Nope, nothing but silence. I doubt my post was even opened by tp-link?

 

I'm still running my 2 netgear switches between the omada devices. It works, but then again, I feel it should just work via the omada controller/r605 too without a workaround..

 

TL-R605 | OC200 | TL-SG2008P | EAP660 HD
  0  
  0  
#5
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 13:12:26

@TimoLimo 

 

You have to create a VLAN only interface for Vlan 10 then problem solved. 

 

Then you can assign vlan 10 to what ever switchport and get DHCP from WAN.

 

 

 

 

 

 

  0  
  0  
#6
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 14:06:08

@shberge 

 

I did try that, it didn't work in my specific setup as I need to be able to set multiple VLANS on one single port and the Omada software doesn't allow this:

 

- port 1 of Switch #1: VLAN 10 (from modem)

- port 2 of Swtich #1: VLAN 10 (to R605 router WAN1)

- port 3 of Switch # 1: VLAN 20 (from R605 router LAN1)

- port 4 of Switch #1: needs both VLAN10+20 (to Switch#2 port 1) but am unable to set this? Only accepts 1 tagged vlan, need more)

- other ports of Switch #1 are VLAN 20 for LAN access

 

- port 1 of Switch #2: needs both VLAN10+20 (to Switch#2 port 1) but am unable to set this? Only accepts 1 tagged vlan, need more)

- port 2 of Switch #2 VLAN 10 (to settop box that requires external IP but I could never let it have an external IP)

- other ports of Switch #2 are VLAN 20 for LAN access

 

I can't run another ethernet cable to the second switch (so one for VLAN10 and one for VLAN 20, that would solve it too), but besides: it's possible in other hardware to carry multiple VLANs to one port over one cable so why shouldn't the TP-Link hardware/software do that? smiley

 

Or maybe I'm missing something here..

 

(In my tests, I could see in my local network all external devices (the modem, settop box, and even other modems from neighbours on the cable network. didn't give me much confidence, that's why I tried to shield everything in ACL, but that didn't work either as ACL ony works on Interfaces, not VLANs)

TL-R605 | OC200 | TL-SG2008P | EAP660 HD
  0  
  0  
#7
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 14:10:02

@TimoLimo 

 

You have to create a switch profile, then assign this profile to switchport.

Somthin like this.

 

  0  
  0  
#8
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 14:26:41

@shberge 

 

Thanks! I did that in the past (but on the previous Omada version, maybe it's better in the newer one (that is currently installed? Or I just did it wrong laugh)

I'll have a look when our home network is not needed for homeworking this weekend or so. I already made profiles like that, I'm looking at them right now but was always unable to tag/untag the vlans I needed. The wrong ones were highlighted by default and unchangeable. But again, it was probably just me.. lost OC200 connections and R605 connections too, had to restart multiple times.. was a pain :D

 

I'll give it another go, thanks.

TL-R605 | OC200 | TL-SG2008P | EAP660 HD
  0  
  0  
#9
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 14:33:57

@TimoLimo 

 

I think you try to do this on router inteface, that not possible in Omada SDN only if router is in stand alone. but its easy to configure vlan with Switch profile. så give it a try smiley

 

I think this will work..

 

 

  0  
  0  
#10
Options
Re:TL-R605: use WAN DHCP in LAN VLAN? And where to set Port profiles for TL-R605?
2021-06-30 15:28:58

@shberge 

 

No, I do everything via the Oc200 controller, so I don't use the R605 in standalone mode. I'm really thinking when I first tried this in the previous Omada SDN software, it gave me problems. Maybe resolved now. Cheers, and in any case: thanks again for your help.

TL-R605 | OC200 | TL-SG2008P | EAP660 HD
  0  
  0  
#11
Options