VLAN configuration
I am expanding my network and looking at using VLANs to segregate networks/devices. I am having issues configuring VLANs. After several hours reading numerous guides and forums I am beginning to think my hardware is not compatible.
My network topology.
Gateway - Telstra Smart Modem Gen 2 (Arcadyan LH1000, unhacked with no VLAN capabilities), acts as the DHCP server.
Switch 1 - TL-SG116E 1.20 1.0.0 Build 20190923 Rel.58904, Static assigned IP from gateway. Connected to gateway port 1
Switch 2 - TL-SG108E 6.0 1.0.0 Build 20211209 Rel.52369, static assigned IP from gateway, connected to switch 1
Switch 3 - TL-SG1210MPE 3.0 1.0.0 Build 20230721 Rel.62619, static assigned IP from gateway, connected to switch 1
AP - EAP650 1.0.7 Build 20230423 Rel. 75707(4555), currently dynamic assigned, connected to switch 1 port 15
Currently running a single wired LAN with plans on running more for IoT, cameras, guests etc. Running multiple SSIDs with some with guest access. Switch 1 is running default VLAN in an attempt to allow the connected AP to run VLANs for multiple SSIDs. If I keep all to VLAN1 (PVID1) I can connect. If I change the VLAN ID on the AP I lose the ability to connect to that SSID, eg. IoT-5G to VLAN ID 3. I have tried various options with tagging/untagging on both VLAN 1 and 3 without success. IoT and Guest SSIDs are configured in the AP as guest networks also. My intentions with the configuration is to seperate the traffic but in some instances have differing access. As an example my Home Assistance server would need to access multiple networks for IoT, camera access etc.
My thoughts (hopefully I am wrong) are that my switches (brand new) are not complatable and I need OMADA switches & controller to allow profiles so the SSID VLANS align with the switch LANs.
Longer term, I am looking at getting a controller (OC200) and adding additional access points to switch 1, 2 & 3 so I am keen to undertand and get it working.
Any assistance or direction would be greatly appreciated. I know and understand just enough to be dangerous but not enough to be deadly.
Switch 1
EAP config
Thank you both for your input. I was hoping just the switch could handle the traffic heading only to and from the gateway without VLAN but not to be.
Longer term I was considering using an ER605 in place of my Telstra modem but was hoping to avoid it just yet. Looking at price and functionality, rather than purchasing another EAP650 and an ER605 I could instead use an ER706W and use the EAP in another location. I'm thinking by making this leap would also justify a controller (OC200) with maintaining simple configuration/management.
I did look at using the Telstra modem in bridge mode but I wasn't sure if it could be done and keep my landline phone (FX port on modem). I'm not worried about my current 4G backup as it is basically useless with our mobile network here. I believe with my fixed wireless NBN both the ER605 and ER706W can connect directly to the NBN with a PPPOE connection type. For the phone, according to some other literature (attached below) I should be able to forward some ports from an ER605 or ER706W with some other settings (QOS, VOIP) to the Telstra modem and keep the phone.
Does all this sound feasible and as you pointed out "not too crazy"? (I like simple but have a habit of over complicating things)
