Android devices do not route properly using OMADA EAP650
Hi everyone,
I bought a EAP650 to enhance wifi range from my office to the workshop in the basement. Its a rental environment, so copper is not an option.
The setup looks like this:
ISP -> Main Router (also Gateway) -----cable----> EAP650 ---wifi--> router_basement ----cable----> workstation
Static IPs:
Main router: 10.10.10.1
Basement router: 10.10.10.254, 10.10.20.1
To split the devices in the basement from the main network, I set up two subnets:
Main Router : 10.10.10.x (DHCP via pihole)
Basement Router: 10.10.20.x (DHCP via basement router, Gateway is set to 10.10.10.1)
I've set a static route on the main router that forwards 10.10.20.x to the basement router, which has the ip 10.10.10.254.
Its working perfectly, all devices connected to the EAP650 can reach each device on both networks EXCEPT for android devices (Oneplus 12, Xiaomi Pad 5).
With android I can ping 10.10.20.x workstation, I can also route the IP, but I cannot open a website that runs on the workstation.
Now the tricky part: if I enable the internal wifi of the main router and connect android to it, I can reach the webserver on the workstation perfectly fine. This lead me to the conclusion that there must be some sort of misconfig on my EAP650 that does not allow me to use Android to connect to the other subnet.
If there is some information missing, just let me know.
Cheers,
Alex
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @deraxel
Have you enabled the guest network or configured any ACL rules on EAP? Please try to disable the guest network and ACL. And what is the hardware and firmware version of your EAP? Please make sure the firmware of your EAP650 is up-to-date.
Besides, may I know the model number of your basement router? And what is the operation version of your Android devices?
- Copy Link
- Report Inappropriate Content
Hi @deraxel
May I double confirm that you can PING the web server on workstation but cannot access to it? How did you access the web server? Via IP address or via domain name?
Besides, when the Android device failed to access the web sever, will it be still able to access to the Internet/external address?
Please help to disconnect/forget the SSID on your Android device, and connect to the SSID again to see whether it will work.
- Copy Link
- Report Inappropriate Content
Hi @Hank21,
thanks for the fast reply. I will try to answer your questions the best I can:
- Guest Network is disabled, ACL Rules do not apply
- AP is EAP650 V1, Firmware 1.0.13 (latest)
- Main Router: I tested Fritzbox 6490 and tp-link ER605 -> Same results, except for when I enable wifi on the fritzbox, as described in my first post.
- Basement Router: GL-AR300M16-Ext, OpenWrt, Firewall disabled, acts as Gateway and DHCP for 10.10.20.0/24
- Android on the OnePlus is V14. My girlfriend took the xiaomi Pad 5 to work, but should be something around Android 11.
- Using different network apps, I can ping and traceroute the workstation in the basement via IP and DNS
- Connection using http, https or RDP does not work (IP and DNS)
- Android devices can operate normally browsing the internet or services on the local 10.10.10.x subnet.
- Deleting the SSID and reconnecting does not help. Deleting the dhcp leases did force a new IP, but did also not solve the problem.
I hope I catched every open end.
One more information from my side: if I connect the android device to a wireguard vpn operating on a maschine with the ip 10.10.10.30, android can reach the workstation in the basement. The 10.10.10.30 machine is not connected to the EAP650. Instead it is connected using a cable to the main router.
Thanks for your help.
- Copy Link
- Report Inappropriate Content
There seems to be a common thread with the latest AX firmware build causing issues for Android devices. TPlink should be investigating this as there have been multiple threads about this.
I would revert the firmware on your 650 to an older version (at least 4 months ago) and see if the problem continues.
I would also not design the network the way you have. This is a perfect example for using mesh (ie add controller and say a 615-wall to replace the basement router, and plugging basement PC into one of the 3 LAN ports on the AP). If that's too much, I'd replace the basement router with wifi<->ethernet device...many of the wifi repeater devices (from TPlink, Netgear etc.) do exactly that. Then all devices are on the same flat network and you get rid of the second subnet and NAT.
- Copy Link
- Report Inappropriate Content
Thanks for the input. I had the same problem with the 1.0.6 firmware. Downgrading seems to be disabled in the controller software (docker container), so it seems that unfortunately I cannot revert back now.
I see that the proposed solution might be a little overkill, but since I always wanted to dig a bit deeper into network setups, subnetting and stuff, I took it as a little challenge to set this up. Besides this the network in the basement does not only contain one machine, but that does not relate to the original problem.
To sum up: the config I set up should overall work, but there is something going on with android devices on tplinks side, right?
- Copy Link
- Report Inappropriate Content
Under device management in the controller you can do a manual upgrade with older firmware which you download from the Support pages.
- Copy Link
- Report Inappropriate Content
WRT to the second part of your question, I personally believe there is an issue impacting Android devices in the latest firmware tree, but this has not yet been confirmed by TPlink. So to answer you're question, I don't think you made any errors, I think it's something beyond your control.
One other thing to try is to downgrade the controller (ie nothing higher than 5.13.22) as perhaps it's doing something new with the fast roaming protocols that is causing the issue, and the AP firmware upgrades are only showing the symptom and are not the root cause.
- Copy Link
- Report Inappropriate Content
Hi @deraxel
Thanks for your detail information.
To assist you better, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue. The ticket ID TKID240543568, please check your email box and ensure the support email is well received. Thanks!
Once the issue is addressed or resolved, welcome to update this topic thread with your solution to help others who may encounter the same issue as you did.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi,
I tried downgrading the crontroller, but it did not seem to change something.
The support ticket was well received. I will keep this thread updated once I find a suitable solution.
Thanks for your help till this point!
Alex
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 638
Replies: 10
Voters 0
No one has voted for it yet.