ER605 disconnect issue when moving ER605 to MGMT VLAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER605 disconnect issue when moving ER605 to MGMT VLAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER605 disconnect issue when moving ER605 to MGMT VLAN
ER605 disconnect issue when moving ER605 to MGMT VLAN
2022-08-06 20:43:15 - last edited 2022-08-22 01:59:28
Tags: #ER605 Disconnect
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.0.1 Build 20220223 Rel.68551

Our Devices:
            Model                Version reported in SDN
    ======================================================    
    (1)    ER605 v2.0                  2.0.1 Build 20220223 Rel.68551
    (1)    TL-SG2008P v1.0        1.0.2 Build 20210806 Rel.55686
    (1)    TL-SG3428 v2.0           2.0.3 Build 20210409 Rel.52950
    (2)    EAP620 HD(US)v3.0    1.0.1 Build 20220119 Rel.76276

 

We are having an ER605 disconnect issue when moving the ER605 to the MGMT VLAN. We do not have this issue when we leave the ER605 on the LAN. As noted in other posts related to ER605 disconnects, the network stays up even though the status is reflected as Disconnected.

 

This is our second site and we have some experience with configuration within Omada. We can successfully configure the network to our needs re: IP,DCHP,VANs,Profiles and other items. We can also successfully move the TL-SG2008P, TL-SG3428 and two ER605s to the MGMT VLAN. 

 

However, when we move the ER605 to the MGMT VLAN (with the Discovery Utility) the ER605 goes into a Disconnected state. The Discovery Utility displays the ER605 config change is successful, but the Device remains in a Disconnected state.

 

We have tried moving the ER605 repeatedly, both with and without the TL-SG3428 and the EAP620s, i.e. just the ER605 and the TL-SG2008P. We have done full Device resets multiple in between tests, all with the same Disconnected result.

 

If we revert the Devices to the LAN, the ER605 reconnects.

 

However, leaving  all the Devices in the LAN is unacceptable.

 

We have become adept at changing the OC200 static address and moving it back and forth from LAN to MGMT to update testing configs, so any input on things to check would be most welcome.

 

Thanks!

 

EDIT: We did see the related post re: "ER605 suddenly disconnect from omada controller but still working". Rebooting the ER605 has no impact on reconnecting for us.

  0      
  0      
#1
Options
1 Accepted Solution
Re:ER605 disconnect issue when moving ER605 to MGMT VLAN-Solution
2022-08-18 21:38:52 - last edited 2022-08-22 01:28:42

  @clangren 

 

The solution for our issue was as follows:

 

Refer to the “How to configure Management VLAN in Omada SDN Controller (4.4.4 or above)” FAQ at https://www.tp-link.com/us/support/faq/2814/ for context.

 

Before step 4 of the FAQ (essentially prior to moving the controller to a new switch port configured in the MGMT VLAN) take the following steps:

 

     1) Set a DHCP address reservation in the management VLAN for the controller in advance. Please note that the Network must select the management VLAN as well.

 

     2) Enable Auto Refresh IP in Controller/Access Config to ensure that the controller can obtain the corresponding IP address.

 

We were controlling the ip address of the OC200 by configuring a static address rather than using DHCP and a reservation in the controller.

 

Many thanks to Wayne and Darcy for the help.

Recommended Solution
  2  
  2  
#6
Options
5 Reply
Re:ER605 disconnect issue when moving ER605 to MGMT VLAN
2022-08-07 21:54:47

  @clangren 

 

We have some additional information to provide on this issue.

 

From time to time we run a port scan on the MGMT VLAN to see all the associated IPs and review them for appropriateness. From "time to time" happened to be today.

 

Interestingly, the ER605, TL-SG2008P and TL-SG3428 all showed up on this scan.

 

More specifically, the above listed three devices are accessible via browser from both the LAN/192.168.X.0/24 subnet range (which are currently assigned in SDN) and from the MGMT/10.0.X.0/24 subnet range (which were assigned when they were in the MGMT VLAN - but no longer are) at the same time

 

It would appear, at least in our limited assessment, the code which is managing the assignment of IP address for Devices as they are moved from VLAN to VLAN is seriously broken at best.

 

Hopefully this information raises this issue to review.

  0  
  0  
#2
Options
Re:ER605 disconnect issue when moving ER605 to MGMT VLAN
2022-08-09 07:32:08

  @clangren 

 

Do you have a management VLAN set up?
Can the gateway and controller still communicate with each other after moving to the MGMT VLAN? Do a ping test.
Have you set up ACL entries?
What is the current version of the controller?

Just striving to develop myself while helping others.
  0  
  0  
#3
Options
Re:ER605 disconnect issue when moving ER605 to MGMT VLAN
2022-08-09 12:06:58

  @clangren 

 

Good day.

 

Do you have a management VLAN set up?

     Yes we did and still do.


Can the gateway and controller still communicate with each other after moving to the MGMT VLAN? Do a ping test.

     When the controller was in the MGMT VLAN the gateway was Disconnected the two Devices could "communicate" depending on how you define communicate. If communicate is only ping, then yes. If communicate includes being able to configure the Device, then no. We have moved all the Devices back to the LAN so they can be configured. When the Devices were in the MGMT VLAN all Devices could be configured except the ER605.


Have you set up ACL entries?

     We had one Switch ACL entry to allow DNS traffic to our internal DNS server. And still have that entry.


What is the current version of the controller?

     ER605 v2.0 -  2.0.1 Build 20220223 Rel.68551 

 

And thanks for the feedback!

  0  
  0  
#4
Options
Re:ER605 disconnect issue when moving ER605 to MGMT VLAN
2022-08-11 02:54:36

  @clangren 

 

Submitted to tech support. Will report back.

  0  
  0  
#5
Options
Re:ER605 disconnect issue when moving ER605 to MGMT VLAN-Solution
2022-08-18 21:38:52 - last edited 2022-08-22 01:28:42

  @clangren 

 

The solution for our issue was as follows:

 

Refer to the “How to configure Management VLAN in Omada SDN Controller (4.4.4 or above)” FAQ at https://www.tp-link.com/us/support/faq/2814/ for context.

 

Before step 4 of the FAQ (essentially prior to moving the controller to a new switch port configured in the MGMT VLAN) take the following steps:

 

     1) Set a DHCP address reservation in the management VLAN for the controller in advance. Please note that the Network must select the management VLAN as well.

 

     2) Enable Auto Refresh IP in Controller/Access Config to ensure that the controller can obtain the corresponding IP address.

 

We were controlling the ip address of the OC200 by configuring a static address rather than using DHCP and a reservation in the controller.

 

Many thanks to Wayne and Darcy for the help.

Recommended Solution
  2  
  2  
#6
Options