Deco XE75 - Guest network is not working - AP Mode - wired Backhaul

Deco XE75 - Guest network is not working - AP Mode - wired Backhaul

Deco XE75 - Guest network is not working - AP Mode - wired Backhaul
Deco XE75 - Guest network is not working - AP Mode - wired Backhaul
2024-09-09 06:48:38 - last edited 2024-09-10 05:54:03
Model: Deco XE75  
Hardware Version:
Firmware Version: 1.2.9 (latest)

Hello all,

 

i have three Deco XE75 over a switch connected. I have set them to AP mode and see in the Deco App that the Ethernet Backhaul is detected and working. The "normal" WLAN is working very good.

 

The Guest network which i have configured is not. So i see the SSID and can connect but then i have no connection to the internet. In the App i have under "Advanced" in Guest network only the option "Allow local Access" but i can`t find any option about a VLAN ID for the guest network or something like this because i have checked this https://www.tp-link.com/us/support/faq/2317/ ?

 

I have tried to setup the VLAN 591 because this should be the correct ID? Right? I have configured my Fritzbox to make Ethernet4 to Guest network and cabled this to port eth2 on the switch. My Deco APs are on port eth14, eth17 and eth20. I have configured the Guest Port from the Fritzbox to Access and put it in the VLAN 591. The APs got tagged VLAN 591 so that they can send the Guest network traffic with this out. Here a screenshot:

 

 

If i connect a client to the guest network he gets a IP address from my DHCP server which serves the normal network and not from the Fritzbox guest DHCP server.

 

So is think the article about the VLAN is wrong? Any idea why my Guest network is not working?

 

Best

  1      
  1      
#1
Options
1 Accepted Solution
Re:Deco XE75 - Guest network is not working - AP Mode - wired Backhaul-Solution
2024-09-09 08:45:51 - last edited 2024-09-10 05:54:03

How is Guest network in AP Mode with wired Backhaul working? Separated VLAN is wrong or?

 

I have a dedicated DHCP and DNS server in my network and it seems that i get the IP address from the DHCP on Guest but then my Guest client is not allowed to ask the DNS because internal Traffic from Guest will be blocked which is a good thing.

 

DNS to my default GW works so it looks like Deco is fix configured to use DHCP/DNS from default Gateway in Guest network scenario`s?

 

Is there some configuration where i can allow the Guests to access the dedicated DNS too but not everything else? Not really or?

Recommended Solution
  2  
  2  
#2
Options
3 Reply
Re:Deco XE75 - Guest network is not working - AP Mode - wired Backhaul-Solution
2024-09-09 08:45:51 - last edited 2024-09-10 05:54:03

How is Guest network in AP Mode with wired Backhaul working? Separated VLAN is wrong or?

 

I have a dedicated DHCP and DNS server in my network and it seems that i get the IP address from the DHCP on Guest but then my Guest client is not allowed to ask the DNS because internal Traffic from Guest will be blocked which is a good thing.

 

DNS to my default GW works so it looks like Deco is fix configured to use DHCP/DNS from default Gateway in Guest network scenario`s?

 

Is there some configuration where i can allow the Guests to access the dedicated DNS too but not everything else? Not really or?

Recommended Solution
  2  
  2  
#2
Options
Re:Deco XE75 - Guest network is not working - AP Mode - wired Backhaul
2024-09-09 09:27:09

I have created a workaround but i dropped for this my local dedicated DNS :-(

 

I use now my default GW as DNS for everything and now it works. I think the Guest Network feature is limiting the access not with VLAN. There are access lists implemented or something similiar.

 

Maybe there somes some feature in future where we can edit this access lists to add as example a DNS server.

 

Best

  1  
  1  
#3
Options
Re:Deco XE75 - Guest network is not working - AP Mode - wired Backhaul
2024-09-10 05:53:43

 

  @noob443 Hi, Thank you very much for the feedback.

Under AP mode, the guest network and main network are no longer separated by VLAN IDs. the FAQ only works in wireless router mode.

They are isolated by access control rules and the guest network is only allowed to access the LAN gateway. So if there is a local customized DNS server, the DNS server will be considerred as the main network devices and is isolated from the guest network.

 

Currently, the guest network still doesn't support setting its own DHCP/DNS servers.

Thanks a lot and best regards.

  0  
  0  
#4
Options