EAP683-LR Poor network performance with tagged vlans on SSID
Hooked up my new EAP683-LR wifi access point and configured it to match my previous AP configuration (ubiquiti) via a OC200. Network looks like this:
mikrotik router -> eth7 -> trunk port with default vlan1 untagged, vlans 11,20,30 tagged.
EAP683-LR configured with 3 SSIDs, each one tags a vlan (11,20,30).
When a device connected to the SSID tries to connect to a local resource on the same vlan, the device receives duplicate TCP ACKs and TCP Retransmissions but will never connect to the backing TCP service. In this case it affects multiple services but I'm primarily testing with plex.
If, for instance, I configure the trunk port on the mikrotik router to set untagged on vlan11 and tagged vlan1 (and then remove the vlan tag on the SSID), everything works as expected.
I also tested upgrading the OC200 to the latest beta firmware to try with PPSK and that also did not work as expected.
Is there any advice to setup the access point to work correctly when connected with tagged vlans with 3rd party routers?
Thank you.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Does your switch support vlans?
- Copy Link
- Report Inappropriate Content
@muzicman0 As I said in the original post, everything was working prior to replacing ubiquiti APs with a single tp-link AP. no configuration has changed (except for testing done in this thread). The wired network accepts vlan traffic correctly. The only odd behavior is traffic tagged under a vlan configured at the AP. I just finished double-checking firewall configs and even reset everything in the tp-link config back to defaults, setup a single SSID and can replicate the issue. It really seems like tagged traffic may be bugged on the EAP683-LR.
- Copy Link
- Report Inappropriate Content
@rumblpak I suppose that is possible. I only use EAP245's and EAP670's. It does seem odd that you can ping devices but can't create a TCP connection, but like you said, maybe there is a bug in that specific AP.
- Copy Link
- Report Inappropriate Content
Are there any similar issues to yours in the following threads?
TCP Connections May Fail Between Different VLANs On The Same EAP
- Copy Link
- Report Inappropriate Content
The TCP connections article is about connections on different VLANs, in my case I am having issues connecting to services on the same VLAN.
The ETH VLAN related issues implies that a VLAN isn't tagged but I get IPs on devices in all 3 VLANs, I just have issues maintaining longer connections (like HTTP(S) traffic) to servers on the same VLAN.
Virgo wrote
Are there any similar issues to yours in the following threads?
TCP Connections May Fail Between Different VLANs On The Same EAP
- Copy Link
- Report Inappropriate Content
@rumblpak are you using Windows or Linux, or a combo of both?
Windows is famous for turning the firewall back on if you breath on it to heavily.
Linux gives us some extra troubleshooting tools. If it's Linux, try to telnet on the port of the server. For instance, for my Emby server, I enter telnet 10.3.0.124 8096. Even though it is a Windows server, it responds. If the port is blocked, or Firewall is blocking it, it will refuse the connection.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@rumblpak sorry, I was editing my post while you responded. Try the telnet command from above to see if the port is open.
What OS is your plex server hosted on? We should try and stick to a single problem right now.
Also, if you configure a switch port to be on one of the VLANs, does it work (this will help tell us if it is an actual AP problem or something else).
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@rumblpak In which case?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1889
Replies: 28
Voters 0
No one has voted for it yet.