How to manage Omada APs from 2 sites using site-to-site VPN (two subnets)

a week ago - last edited Wednesday
Model: EAP660 HD  
Hardware Version: V2
Firmware Version: latest

Hello there,

 

Let's make things clear... I manage a business with two sites in Canada. One site is the main site with an OC200 Omada controller and 5 Omada APs (EAP660HD), then we just opened a second site that is linked to my main site using a site-to-site VPN router. On the remote site, I've just connected 2 APs (EAP660HD) and am trying to adopt them with my OC200, where I also created a second site.

 

Main site subnet is 192.168.100.0/23   (the OC200 is connected here)

Second site subnet is 192.168.200.0/24

 

I've already verified my site-to-site VPN and firewall settings and the main subnet is allowed to communicate on all ports to second site subnet and vice-versa also. While I am on the main site network, I can ping the individual APs that are on the second site with direct IP so I guess the network is fine.


How can I set up my OC200 controller to be able to see and detect the second site's APs that are not in the same subnet? I assume that actually the OC200 is only detecting APs on its own subnet (192.168.100.0/23), but I can't figure out how to set up a second subnet in the OC200 for detecting APs.

 

Thx!!

1 Accepted Solution
Re:How to manage Omada APs from 2 sites using site-to-site VPN (two subnets)-Solution
a week ago - last edited Wednesday

  @SimonC. 

 

Hi,

 

Is the 2nd site controlled by the controller as well (TP-Link Gateway connected to your OC200 on 1st site)?

 

If so, go to the LAN settings of 2nd site and set up Advanced DHCP option 138 - put there your OC200's IP address from 1st site.

That should inform all your Omada devices on 2nd site, where the OC200 is located in the network :) if those get the address from DHCP ofc.

 

 

OR, you can just simply go to EAP's management page, and set the controller's IP manually:

 

Just provide there OC's IP and Save the changes. After that the OC200 should be able to find the EAPs.

 

Those will work as long as the IPsec S2S is connected between those sites.

You could always provide there your Public (static) IP address and open the ports from WAN to OC200 for Omada Management to make it work even without VPN established, but that means you are opening some additional "doors" from the net to your infrastructure.

 

Hope it helps,

Cheers :)
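
What the DHCP option 138 setting from the answer above puts on the wire, and a check that a lease on the second site points APs only at a controller inside the main-site subnet. This is an added example, not part of the original posts or TP-Link code; the controller address 192.168.100.10, the router address and the function names are assumptions made for illustration.

```python
import ipaddress

PAD, END, CAPWAP_AC = 0, 255, 138   # option 138: controller (AC) IPv4 list, RFC 5417

def encode_option_138(controllers):
    """Build the option 138 TLV: code, length, then 4 bytes per IPv4 address."""
    body = b"".join(ipaddress.IPv4Address(c).packed for c in controllers)
    if not body or len(body) > 255:
        raise ValueError("option 138 needs 1 to 63 addresses")
    return bytes([CAPWAP_AC, len(body)]) + body

def parse_options(raw):
    """Walk a DHCP options field (after the magic cookie) into {code: value}."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == END:
            break
        if code == PAD:
            i += 1
            continue
        if i + 2 > len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} runs past end of field")
        opts[code] = opts.get(code, b"") + value   # RFC 3396: join split options
        i += 2 + length
    return opts

def controllers_from_options(raw, allowed_net):
    """Return the controller IPs in option 138, rejecting any outside allowed_net."""
    value = parse_options(raw).get(CAPWAP_AC)
    if value is None:
        return []   # no option 138: the controller IP must be set on the AP by hand
    if len(value) % 4:
        raise ValueError("option 138 length is not a multiple of 4")
    net = ipaddress.ip_network(allowed_net)
    ips = [ipaddress.IPv4Address(value[j:j + 4]) for j in range(0, len(value), 4)]
    bad = [str(ip) for ip in ips if ip not in net]
    if bad:
        raise ValueError(f"controller address outside {net}: {bad}")
    return [str(ip) for ip in ips]

# Constructed sample: options field of a lease handed out on the second site.
SAMPLE = (bytes([1, 4, 255, 255, 255, 0])       # option 1: subnet mask /24
          + bytes([3, 4, 192, 168, 200, 1])     # option 3: router (constructed)
          + encode_option_138(["192.168.100.10"])   # assumed OC200 address
          + bytes([END]))
```

Feed `controllers_from_options` the options bytes from a captured DHCP ACK on the remote LAN to confirm the APs are being told about the OC200 and nothing else.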

Re:How to manage Omada APs from 2 sites using site-to-site VPN (two subnets)
a week ago - last edited a week ago

  @RaRu OMG thank you so much for these very easy steps! You were right, forcing the IP manually for the controller inside each AP was definitely the easiest way, and as soon as I provided the IP of the OC200 in the APs on the remote site, they were visible to it!!

 

Thank you so much and have a great day!!
