Omada Routing Possible Bug - 5.14.26.23
Omada Routing Possible Bug - 5.14.26.23
Hi Everyone,
Got a puzzling one for you and need some help!
I have the following:
1 x ER605 Router
1 x OC200 Controller
1 X SG2428P Switch ( 28 Port Gigabit POE+)
Interfaces Configured:
Interface 1 (Default) - Device Management (192.168.0.0/24)
Interface 100 - Servers (192.168.1.0/24)
Interface 101 - DMZ Servers (192.168.2.0/24)
Interface 102 - Corporate (192.168.3.1/24)
Interface 103 - Guest Wireless (192.168.4.1/24)
Interface 104 - IOT Devices (192.168.5.1/24)
Interface 105 - CCTV Devices (192.168.6.1/24)
Interface 106 - Printers (192.168.7.1/24)
Interface 107 - SSL VPN (192.168.8.1/24)
I have physically connected it all the devices together and adopted the Router and Switch successfully. My issue is when I create the Interfaces and have devices in each of them I am unable to ping or any other protocol between them - HOWEVER there is an ABNORMALITY coming :-) I can get a DHCP Address from my Domain Controller hosted in Interface 100 but cannot Ping, RDP etc into it or get into any other VLAN.
i went through and triple checked all settings, added in Switch and Gateway Rules as a test but they didn't work either.
When I do a tracert I can hit the interface IP but it will not go any further than that.
Hope someone can help!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi Everyone,
An update for you and hoping that someone can shed some light on it
I believe i have found a bug in the latest version of the Firmware version 5.14.26.23
If i go ahead and set each Interface to handle DHCP Allocation, then each device gets an IP Address BUT is also able to communicate across every Interfaces / VLANS Fine. I was able to confirm this by then adding some Gateway / Switch ACL's to test the traffic which then were working fine.
I ensured that i had the L2 Relay configured and Legal DHCP Configured to the IP Address of my Domain Controller which handles DHCP but stil couldnt get it to work. I then went into the VLAN Interfaces on the Switch and made sure they were enabled and configured with the right address to Relay too but this was not functional.
Look forward to reading about other people's experiences and thoughts on this :-)
TP-LINK i hope you are reading this as i spent far more time than i would have liked troubleshooting this!! Hopefully a patch is released ASAP!
- Copy Link
- Report Inappropriate Content
Why do you just use the domain controller to allocate IP addresses? You can use the ER605 router as a DHCP server.
Please provide your previous and later controller settings so that I may better understand your point.
- Copy Link
- Report Inappropriate Content
@Hank21 Thanks for your reply!
The Domain Controller is serving a few other purposes so i naturally just setup DHCP to be run from there also.
For the time being i am running the DHCP from the ER605 but i ended up having to update the Forward and Reverse Lookup Zones in AD DNS to allow non-secure updates to have record creation happening.
I dont have any screenshots of the previous configuration so i have annotated the below screenshots to hopefully clarify this further:
VLAN Interfaces Configured:
Example of one of the Interface's properties. If i have the following settings then this is where the issue starts to become apparent:
DHCP Server = Disabled
Legal DHCP Server = My Domain Controller's IP
DHCP L2 Relay = Ticked
Following on from that, If i then go to the Switch and Config Tab, i make sure all of the VLAN Interfaces are enabled and then go Edit on one of them.
I ensure that DHCP is set for the IP Address Mode and DHCP Mode has been set to DHCP Relay.
The many combinations of this still did not make it function as it should. I was able to get an IP Address from my DHCP / Domain Controller but that was quite literally the only thing i could get from it, I was able to ping the Interfaces however i was unable to reach anything in any subnet. I was unable to ping, tracert for every vlan.
As soon as i reverted to using DHCP provided by the ER605 everything started working perfectly fine.
Hope this describes abit better for you.
- Copy Link
- Report Inappropriate Content
Do you directly connect clients to the switch? To configure the DHCP interface relay to the switch, please refer to this link; router configuration is not required.Please build a VLAN for the switch as the VLAN interface on the controller is only functional for the router.
- Copy Link
- Report Inappropriate Content
Hey everyone,
I think I've also had huge problems with VLAN and DHCP since the update.
We have a large guest network in the WLAN, with its own VLAN (120). I updated to version 5.14.26.23 1-2 weeks ago on my OC300.
I didn't test the WLAN guest afterwards because everything was actually working.
However, I have now heard from potential guests that they are not receiving an IP address. The DHCP is set on the ER605 in the controller with 3x EAP625-Outdoor-HD.
I have already set the tagged VLAN 120 on all switches in the hope that this is the problem. None of this has helped. I felt really stupid.
Now I've found this post and I'd guess it's related to this - what do you think?
BR Tim
- Copy Link
- Report Inappropriate Content
Hi!
Thanks for reaching out! I have done significant testing since my original post and i still cannot get it to function correctly either so it sounds like we are experiencing something similar!
I ended up Enabling and Disabling the VLAN Interfaces on the Switch and then updated my OC200 to update the Interfaces on the ER605 to have DHCP Relay etc to point to my Domain Controller but still no luck.
I am waiting for another release to come out and see if that resolves the problem.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Did anyone else have experiences with an external DHCP server?
No amount of testing i have done seems to get around this.
- Copy Link
- Report Inappropriate Content
I am having a similar issue... Not exactly the same but ACL rules won't work with intervlan traffic. I am new to this so maybe it is something else however static IP's wont take effect unless the port settings are matched to the network I am atempting to assign an IP from.
- Copy Link
- Report Inappropriate Content
Also I can access any IP from any network.
for ex: my guest network (set as guest network) can reach my IP Cams.... Also this seems to be isolated only to the switch. If I am connected via Wifi (on the guest ssid) i can not access anything outside that subnet however wired connections seem to be the cause of the issue, whatever that issue is.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1013
Replies: 11
Voters 0
No one has voted for it yet.