R605 EAP225 Connect direct or via switch

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

R605 EAP225 Connect direct or via switch

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
R605 EAP225 Connect direct or via switch
R605 EAP225 Connect direct or via switch
2021-04-27 13:34:44
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version:

Hi,

 

Looking for some help on design while I await delivery of my new Omada system

 

h/w:

TL-R605

T1500G-8T

EAP225

 

I plan to deploy what I belive is a relatively standard home setup.

the default lan will be my trusted lan, there will be two vlans IoT and Guest with internet connectivity but isolated from the trusted lan and each other, all of these will also be propagated wirelessly via the EAP225.

 

I had expected I could connect the ap directly to the R605 as I am tight on ports on the T1500G-8T, however I have read some threads on here about the R605 not isolating traffic between the default lan and vlans unless connected via a switch.

 

Can anyone confirm if I connect as planned will devices on the wifi segments of my IoT and Guest lan be able to communicate with devices in the default lan?

 

Thanks in advance.

  1      
  1      
#1
Options
2 Reply
Re:R605 EAP225 Connect direct or via switch
2021-04-29 00:35:08

@Morgans 

 

If you connect the EAP to the router port the wireless clients will be on the default subnet.  If you want them on a different subnet the EAP needs to be connected to a switch port. 

  1  
  1  
#2
Options
Re:R605 EAP225 Connect direct or via switch
2021-04-29 21:22:04

@1207 

 

as per my other thread I broke down my setup last night and set it up again this morning.

 

after getting wifi working on the native lan reliably I moved the eap to router port 4 and presented all lans/vlans to port 4.

 

this has made no change to connectivity and I have access to the internet via all vlans/wireless networks (inter lan / vlan routing hasn't been tested yet)

 

the next step once I have my local pi-hole dns server working reliably will to try acl's and isolating iot devices 

  0  
  0  
#3
Options