Page 1 of 2 12 LastLast
Results 1 to 10 of 18
  1. #1
    Boldly Going Nowhere
    Join Date
    Dec 2004
    Location
    44S,173E
    Posts
    40

    Default VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    I've just installed mesh wifi in our church building using TP-Link Deco units. Because of building size and shape, the 3 Decos are connected via wired backhaul through a Netgear "smart" switch. Wired connectivity is good and wifi on the Private SSID is great, but the Guest wifi only works when connecting to the main Deco (gateway router). When in range of the other 2 Decos, the Guest wifi won't connect at all (hangs on "Getting IP address"). TP-Link have a FAQ that seems to address this exact scenario here: https://www.tp-link.com/us/support/faq/2317/ which I've followed but with no success. I'm new to 802.1Q, VLANs and PVIDs, but their example doesn't look like it accounts for other local devices on LAN ports that also need connectivity.
    Click image for larger version. 

Name:	Network diagram 06-2022.jpg 
Views:	40 
Size:	27.3 KB 
ID:	11331

    Hopefully the attached network diagram explains it well enough. The Netgear switch does support 802.1Q and I've tried several configurations. It's currently set up as:
    VLAN 1 = ports 1-24 untagged (default)
    VLAN 591 = ports 15,19,24 tagged (guest wifi)
    PVID on all ports is 1

    As a result, devices on wired LAN and on Private wifi SSID can all talk to eachother throughout the building and access the internet. Guest wifi on the main Deco can only access the internet (as expected), but the problem is there's no connection to Guest SSID at either of the other "slave" Decos.

    Note: I did try a config like the TP-Link FAQ example but with worse results. That added VLAN 2 with untagged ports 15,19,24 pulled out of VLAN 1, and then PVID for those 3 ports set to 2. Like I said, I don't really see the FAQ example being able to give the desired results.

    Hopefully one of you networking experts can suggest what I've screwed up with my VLAN config? Thanks!
    --- Nothing is foolproof to a sufficiently talented fool

  2. #2
    Enterprise IT Consultant chiefnz's Avatar
    Join Date
    Dec 2004
    Location
    Sydney AU
    Posts
    1,769

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    VLAN's are overkill for what you need...

    I would dump the VLAN's and just have your "Private" WiFI SSID and then make use of the TP-Link's standard "Guest" WiFi SSID option under wireless...

    This will segregate the "Private" WiFi from the "Guest" WiFi i.e. "Guest" will only have access to the Internet and nothing else so will not be able to communicate with devices on any other SSID's or devices hard wired to the switch/deco units.

    Hope that helps.

    AMD Ryzen 5 5600X
    Gigabyte X570 Aorus Pro Wi-Fi
    Klevv 32GB DDR4 @ 3200MHz
    Gigabyte Aorus RTX 3070 Ti Master
    WD 512GB M.2 PCI-E 4 NVMe
    WD 1TB M.2 PCI-E 4 NVMe
    Corsair 4000D Airflow
    Corsair RMx 850W

  3. #3
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    29,057

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    Quote Originally Posted by chiefnz View Post
    VLAN's are overkill for what you need...

    I would dump the VLAN's and just have your "Private" WiFI SSID and then make use of the TP-Link's standard "Guest" WiFi SSID option under wireless...

    This will segregate the "Private" WiFi from the "Guest" WiFi i.e. "Guest" will only have access to the Internet and nothing else so will not be able to communicate with devices on any other SSID's or devices hard wired to the switch/deco units.

    Hope that helps.
    Yep, totally agree, most times keeping it simple (while still secure) is a LOT less hassles.

    TP-Links Guest ( as Chief advised) hides the other network devices anyway.

    Heres the setting from one of my TP-Link access points. (advising)

    Click image for larger version. 

Name:	Guest Network.png 
Views:	33 
Size:	40.1 KB 
ID:	11332

  4. #4
    Enterprise IT Consultant chiefnz's Avatar
    Join Date
    Dec 2004
    Location
    Sydney AU
    Posts
    1,769

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    Also make sure you disable the option that prevents devices on the "Guest" SSID being visible to each other, this will prevent any dodgy individuals from logging onto your "Guest" network and then trying to mess around with other devices on the "Guest" WiFi.

    I'm not too sure if this is a thing with newer TP-Link devices... I have an Archer MR600 and this has an option to prevent devices on the "Guest" network from being accessible/visible to each other which is not a bad thing on a Guest network.

    AMD Ryzen 5 5600X
    Gigabyte X570 Aorus Pro Wi-Fi
    Klevv 32GB DDR4 @ 3200MHz
    Gigabyte Aorus RTX 3070 Ti Master
    WD 512GB M.2 PCI-E 4 NVMe
    WD 1TB M.2 PCI-E 4 NVMe
    Corsair 4000D Airflow
    Corsair RMx 850W

  5. #5
    Boldly Going Nowhere
    Join Date
    Dec 2004
    Location
    44S,173E
    Posts
    40

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    Quote Originally Posted by chiefnz View Post
    VLAN's are overkill for what you need...

    I would dump the VLAN's and just have your "Private" WiFI SSID and then make use of the TP-Link's standard "Guest" WiFi SSID option under wireless...

    This will segregate the "Private" WiFi from the "Guest" WiFi i.e. "Guest" will only have access to the Internet and nothing else so will not be able to communicate with devices on any other SSID's or devices hard wired to the switch/deco units.

    Hope that helps.
    I'd be more than happy to do away with the VLANs but when the TP-Link units are connected via wired backhaul with a switch in between them, the "Guest" SSID doesn't work across the units (it only works for the main unit, not the slaves). That's the reason for the FAQ at https://www.tp-link.com/us/support/faq/2317/
    My scenario is Case 2 on that page.

    If there's a simpler way that'll work, I'm all for it. My TP-Link setup has the Guest setup enabled as per:
    Click image for larger version. 

Name:	Screenshot_20220619-134654_2.jpg 
Views:	15 
Size:	28.2 KB 
ID:	11333
    The "No internet? Tap here" is the link to the FAQ I mentioned. I thought it was great that they'd predicted my problem and had a solution good to go... just a pity it doesn't seem to be as simple as that!
    --- Nothing is foolproof to a sufficiently talented fool

  6. #6
    Enterprise IT Consultant chiefnz's Avatar
    Join Date
    Dec 2004
    Location
    Sydney AU
    Posts
    1,769

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    How far away are these mesh units from each other? Have you tried using the standard WiFi Meshing i.e. no ethernet backhaul.

    Being a cynic when it comes to Vendors... I would hazard a guess they are "Recommending" this "solution" because the bandwidth across the Decos when using wireless Mesh is trash.... so they came up with this "Gem".

    The title of that FAQ is quite misleading... it's titled "How to extend your guest network" when it's actually "how to implement VLANs".

    Fundamentally, what your are trying to do is on the cusp between "consumer" grade and "Pro-sumer" and whilst there is high-end consumer grade kit out there to do this, if you buy into a lower tier at the consumer level, sometimes the implementation of the more "advanced" features are a bit "disappointing".

    You may need to look at different hardware to achieve your goal... I realise this is a "non-profit" scenario so spending is kept to a minimum... but you should seriously consider something like a Ubiquti Unifi setup.

    Dream Machine or Dream Machine Pro for the router (the Pro is a good option if you want to add say a backup Internet connection for your "Private SSID"), a PoE switch for the AP's and maybe 3 of their LR UniFI AP's - whilst it is a much higher "entry cost" it will easily achieve what you need and you will most likely get a lengthy time of service. The spend is one off for the devices, support is free, updates are regular and they don't lock you into any stupid subscription traps.

    AMD Ryzen 5 5600X
    Gigabyte X570 Aorus Pro Wi-Fi
    Klevv 32GB DDR4 @ 3200MHz
    Gigabyte Aorus RTX 3070 Ti Master
    WD 512GB M.2 PCI-E 4 NVMe
    WD 1TB M.2 PCI-E 4 NVMe
    Corsair 4000D Airflow
    Corsair RMx 850W

  7. #7
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    29,057

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    but you should seriously consider something like a Ubiquti Unifi setup.
    be a bit selective with those as well.

    Been working on a business that someone else put those in , they used the lite versions, and while the work ( kind of) the Range and load on them is crap. One of the big disappointments was when there's more then 4 people connected they cant handle it and the connection stability is not good. Now not to sure if its because of the way it was setup or what ? but it should be better than what it is.

    Cant actually look to see what's wrong, as the original person who set it up went AWOL several years ago, Nothing written down as to user name or password or account and of course no way to get into the settings unless reset to default, and they don't want to do that as I was told it took ages to get it working even the way it is, so there's a problems someplace.

    Sorted half the Building by putting is a Single TP-Link Business Grade Access point - same speed on wireless as ethernet, and had 10 people connected no problems.

  8. #8
    Boldly Going Nowhere
    Join Date
    Dec 2004
    Location
    44S,173E
    Posts
    40

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    Quote Originally Posted by chiefnz View Post
    How far away are these mesh units from each other? Have you tried using the standard WiFi Meshing i.e. no ethernet backhaul.
    It's a long, narrow site - the main unit is central, then it's up to 30 m in either direction to the other 2 mesh units, through several walls. I'll give the wireless linking a shot as you suggest but I'm sceptical it'll have the reach in this case. Would also be a shame to have to bypass the 1Gbps building wiring backhaul just to enable the guest access for the occasional venue hire usage

    It's a small church numbers-wise with little to spend, so the 3 for $300 looked like a good deal, but I agree I'm stretching the gear's consumer-grade capabilities a bit. I figured it likely that my lack of VLAN experience meant I'd missed a small but vital config detail and hoped it might be obvious to someone with experience on the Netgear switches.
    --- Nothing is foolproof to a sufficiently talented fool

  9. #9
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    29,057

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    Quote Originally Posted by Spartacus View Post
    It's a long, narrow site - the main unit is central, then it's up to 30 m in either direction to the other 2 mesh units, through several walls. .
    The distance of 30Mtrs is on the edge of working if its a direct line of site with no obstacles, it could be more to do with the walls etc.

    This is from TP-Link when someone asked about distance:
    For the best experience, when wireless, the Deco unit should be no more than 50 feet apart of at least another Deco. Depending on your home, this can vary. -----If your Deco units are all wired together via Ethernet, the space between Deco is a bit more flexible
    50ft = 15 mtrs

    There's a very simple test to see if it is distance / Walls, move one of the Units closer to the main unit (say 10-15 Mtrs apart), see if it then works, if it does then that's the problem and you can work around from that. Finding the problem is the "fun" part

    Also What are the exact models of Deco's you have, they are not all the same.

  10. #10
    Enterprise IT Consultant chiefnz's Avatar
    Join Date
    Dec 2004
    Location
    Sydney AU
    Posts
    1,769

    Default Re: VLAN novice trying to get Guest mesh wifi working through network switch (802.1q)

    Quote Originally Posted by wainuitech View Post
    be a bit selective with those as well.

    Been working on a business that someone else put those in , they used the lite versions, and while the work ( kind of) the Range and load on them is crap. One of the big disappointments was when there's more then 4 people connected they cant handle it and the connection stability is not good. Now not to sure if its because of the way it was setup or what ? but it should be better than what it is.

    Cant actually look to see what's wrong, as the original person who set it up went AWOL several years ago, Nothing written down as to user name or password or account and of course no way to get into the settings unless reset to default, and they don't want to do that as I was told it took ages to get it working even the way it is, so there's a problems someplace.

    Sorted half the Building by putting is a Single TP-Link Business Grade Access point - same speed on wireless as ethernet, and had 10 people connected no problems.
    Agree, I have the U6 Lite myself and even though there are only 2 of us, in the same room as the AP, the connection speed can fluctuate as devices connect and reconnect... I was aware this was likely to happen (only has a 2x2 MIMO antenna) but stock of the 4x4 MIMO AP was no-where to be seen (Thanks COVID) and I needed to get the AP in as quickly as possible... apart from that the setup is rock solid. Currently waiting for delivery of the 4x4 MIMO U6 AP which should do me fine coverage and speed wise.

    AMD Ryzen 5 5600X
    Gigabyte X570 Aorus Pro Wi-Fi
    Klevv 32GB DDR4 @ 3200MHz
    Gigabyte Aorus RTX 3070 Ti Master
    WD 512GB M.2 PCI-E 4 NVMe
    WD 1TB M.2 PCI-E 4 NVMe
    Corsair 4000D Airflow
    Corsair RMx 850W

Similar Threads

  1. Wifi Mesh Vs Router Mesh
    By Ninjabear in forum PressF1
    Replies: 6
    Last Post: 09-04-2021, 05:59 PM
  2. Guest network
    By joe_exception in forum PressF1
    Replies: 6
    Last Post: 28-09-2011, 09:29 PM
  3. Christchurch Wifi Mesh OLSR
    By Mirddes in forum PC World Chat
    Replies: 0
    Last Post: 24-04-2011, 07:30 PM
  4. Replies: 2
    Last Post: 09-12-2010, 04:15 PM
  5. Home network probs.. novice
    By cowboy stu in forum PressF1
    Replies: 6
    Last Post: 10-01-2010, 09:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •