VLAN configuration

VLAN configuration

VLAN configuration
VLAN configuration
2 weeks ago - last edited a week ago
Model: EAP650  
Hardware Version: V1
Firmware Version: 1.0.7 Build 20230423 Rel. 75707(4555)

I am expanding my network and looking at using VLANs to segregate networks/devices. I am having issues configuring VLANs. After several hours reading numerous guides and forums I am beginning to think my hardware is not compatible.

My network topology.

Gateway - Telstra Smart Modem Gen 2 (Arcadyan LH1000, unhacked with no VLAN capabilities), acts as the DHCP server.

Switch 1 - TL-SG116E 1.20 1.0.0 Build 20190923 Rel.58904, Static assigned IP from gateway. Connected to gateway port 1

Switch 2 - TL-SG108E 6.0 1.0.0 Build 20211209 Rel.52369, static assigned IP from gateway, connected to switch 1

Switch 3 - TL-SG1210MPE 3.0 1.0.0 Build 20230721 Rel.62619, static assigned IP from gateway, connected to switch 1

AP - EAP650 1.0.7 Build 20230423 Rel. 75707(4555), currently dynamic assigned, connected to switch 1 port 15

 

Currently running a single wired LAN with plans on running more for IoT, cameras, guests etc. Running multiple SSIDs with some with guest access. Switch 1 is running default VLAN in an attempt to allow the connected AP to run VLANs for multiple SSIDs. If I keep all to VLAN1 (PVID1) I can connect. If I change the VLAN ID on the AP I lose the ability to connect to that SSID, eg. IoT-5G to VLAN ID 3. I have tried various options with tagging/untagging on both VLAN 1 and 3 without success. IoT and Guest SSIDs are configured in the AP as guest networks also. My intentions with the configuration is to seperate the traffic but in some instances have differing access. As an example my Home Assistance server would need to access multiple networks for IoT, camera access etc.

My thoughts (hopefully I am wrong) are that my switches (brand new) are not complatable and I need OMADA switches & controller to allow profiles so the SSID VLANS align with the switch LANs.

Longer term, I am looking at getting a controller (OC200) and adding additional access points to switch 1, 2 & 3 so I am keen to undertand and get it working.

 

Any assistance or direction would be greatly appreciated. I know and understand just enough to be dangerous but not enough to be deadly.

 

Switch 1

 

EAP config

  0      
  0      
#1
Options
1 Accepted Solution
Re:VLAN configuration-Solution
2 weeks ago - last edited a week ago

Hi @Graham_M,

 

VLANs should work accross products that support them.  Omada, non-Omada and even products from other manufacturers can all work together.  Using Omada supported devices just helps with the management.  Because each VLAN is it's own network, each one will require it's own router, DHCP service, etc.  Fortunately, one appliance/device can be used to provide these services across multiple networks and/or VLANs.  An Omada router from TP-Link will work, but there are other options.  If your not doing anything complicated or too crazy, staying in the Omada ecosystem (like the ER605 suggested by @MR.S) would be the easiest path forward.

Recommended Solution
  0  
  0  
#3
Options
4 Reply
Re:VLAN configuration
2 weeks ago

  @Graham_M 

 

You need a router that can create VLANs. If it's a small network, you can use an ER605v2. It doesn't cost that much. If you have the option, replace the router from your ISP or connect the ER605 behind the ISP router.

 

 

  0  
  0  
#2
Options
Re:VLAN configuration-Solution
2 weeks ago - last edited a week ago

Hi @Graham_M,

 

VLANs should work accross products that support them.  Omada, non-Omada and even products from other manufacturers can all work together.  Using Omada supported devices just helps with the management.  Because each VLAN is it's own network, each one will require it's own router, DHCP service, etc.  Fortunately, one appliance/device can be used to provide these services across multiple networks and/or VLANs.  An Omada router from TP-Link will work, but there are other options.  If your not doing anything complicated or too crazy, staying in the Omada ecosystem (like the ER605 suggested by @MR.S) would be the easiest path forward.

Recommended Solution
  0  
  0  
#3
Options
Re:VLAN configuration
2 weeks ago

Thank you both for your input. I was hoping just the switch could handle the traffic heading only to and from the gateway without VLAN but not to be.

 

Longer term I was considering using an ER605 in place of my Telstra modem but was hoping to avoid it just yet. Looking at price and functionality, rather than purchasing another EAP650 and an ER605 I could instead use an ER706W and use the EAP in another location. I'm thinking by making this leap would also justify a controller (OC200) with maintaining simple configuration/management. 

 

I did look at using the Telstra modem in bridge mode but I wasn't sure if it could be done and keep my landline phone (FX port on modem). I'm not worried about my current 4G backup as it is basically useless with our mobile network here. I believe with my fixed wireless NBN both the ER605 and ER706W can connect directly to the NBN with a PPPOE connection type. For the phone, according to some other literature (attached below) I should be able to forward some ports from an ER605 or ER706W with some other settings (QOS, VOIP) to the Telstra modem and keep the phone.

 

Does all this sound feasible and as you pointed out "not too crazy"? (I like simple but have a habit of over complicating things) 

 

  0  
  0  
#4
Options
Re:VLAN configuration
2 weeks ago

@Graham_M, nope not too crazy; my setup is similar. I can overengineer things too, so I put my phone router on it's own VLAN.  Putting the Telstra in your IoT VLAN would keep it simple.

  0  
  0  
#5
Options