I have had really good luck with the Balance One and my previous SOHO MK3. So I am now trying to use my spare Peplink SOHO MK3 to it to use as a Wifi Extender and Managed router for the other side of the house. The MK3 is connected over ethernet to my Balance one as shown below. However, I am unable to get the MK3 to work at all. I have two VLANs, one for the office equipment and the other for the junk(TVs, XBOX, Phones, etc). I also have two SSIDs, one for each of the VLANs as well. I would like to use the Balance One as my DHCP server. However, I can not get the MK3 to work. Even connecting a PC to one of the downstream ports on the MK3 doesn’t connect. I have tried multiple configurations on the MK3 but nothing seems to work so I am doing something very basic, very very wrong. Any suggestions?! Ihome-network-map.png|1108x574
Where you’ve written “WLAN1/2” on your diagram I assume that is meant to be “WAN1/2” ?
To do what you want will rely on the switch ports on the Soho to tag frames to the right VLAN correctly, and you should ignore the WAN interface on the Soho entirely as the best way to do what you are trying is to think of the Soho now as a small switch with a built in AP.
Try the following:
Configure WAN1 on the Soho for DHCP and disable it.
It looks like you already have correctly assigned IPs for the Soho for each VLAN interface.
Configure a port on the Soho as a trunk, it looks like port 5 is free?
Connect that port to your existing trunk port on the Balance.
You already have existing ports tagged for vlan1 and vlan2 on the Soho, I’d just plug a laptop in there and check that you can pull an IP from DHCP and test connectivity to the things you’d expect to be reachable form each VLAN, for instance can you plug into VLAN1 on the Soho and log into the Web GUI for the Balance?
If that works I’d then temporarily disable the built in AP on the Balance and test each SSID via the AP on the Soho to check they are also doing the same.
–
PS
Just noticed you are using both the “unmanaged” vlan and vlan1 - I would personally not do this as tend to think of the unmanaged aka untagged vlan as vlan1.
Depending on how the switch in the Balance and Soho are handling untagged frames sending traffic tagged explicitly on what would essentially be the “native vlan” in could also cause you some issues here.
It may be worth reconfiguring your vlan tags for “Office” and “Phones” from 1/2 to say 10/20 or something like that across all the devices.
If you are trying to connect two LAN systems via a VLAN trunk you need to have both sides of that connection in trunk mode. That means that the SOHO side must go into a LAN port. LAN to LAN, you can’t mix and match multi VLAN trunking with the WAN ports.
The soho will not be a managed router… it will only be an AP and VLAN switch… You won’t be using any of the routing products on it.
Turn off all DHCP on the SOHO, connect the 2 trunk ports and it should do what you are looking for.
If you really need more wired connections on the remote side, I would use a switch, (a UBNT flex mini is $30)
If you really want to try and use the WAN port for that last wired connection in drop in mode, then you will need to have your traffic for the TV/Phones to be untagged. as the drop in mode will probably not untag a vlan off of the trunk. You will also need the security to be completely open… I would build up to that point… get most of it working first, and then you can try and get 1 more network connection, but if it doesn’t work… go back to a switch.
And yes, using VLAN 101/102 or some higher number is better as 1 is reserved in some systems.
Thanks! I was focused on using the WLAN port as my upstream port and I didn’t think of this option. Once, I disabled that and just used one of the other MK3 ports as a trunk and the configured the remaining 3 ports and WIFI, it worked as I wanted. I also changed my VLAN to 20 and 30 and this seems to be working as I wanted it.
Thinking of next steps if I want to take it. If I bought a AP One Mini or AP One Enterprise, what would be the difference? Right now I need to manage both devices through separate windows. Would the AP One Mini be easier to manage?? And in case your wondering, yes, I have to much time on my hands.
The Mini is a good little AP, but technically the one built into the Soho MK3 is better (3ss in the Soho vs 2ss in the Mini) so for a like for like you’d want the AP One Enterprise in that sense, but honestly if I were buying APs at the moment I’d be looking for something WiFi 6 (802.11ax) capable to get the most life out of it which in Peplink terms means the AP One AX or AX Lite (we’ve sold a fair few of the AX Lite, they have proven to be quite good so far).
In terms of more integrated management you have two options:
-
Manage the AP using the AP Controller built into the Balance One - all local, the config is done on the Balance and pushed out to the local APs joined to it.
-
Manage the AP using IC2 - not quite 100% feature parity with the local controller, but also gives you some nice reporting and stats. If you are already using IC2 for the Balance this may be the way to go, just bear in mind the small annual fee for the IC2 licence for the AP.
You’d also then need to get a small managed switch to provide for the wired devices, you could look at something from Ubnt as mentioned above - low cost but bear in mind no direct local management interface so you’d need to run the controller somewhere even if temporarily to configure it (yes, I know you can manually bash the CLI on them when they are not joined to a controller but that is frankly a hassle).
Personally, these days for cheap / small deployments I am a bigger fan of the Aruba Instant On stuff, they do a small 8 port POE model for under $200 USD that has a local web interface for management along side their cloud and app management options (model is JL681A) the hardware is well made as it is basically the same hardware that HPE/Aruba sells for 4x the price with a different software load.
You could also go all in on Peplink and get a small 8 port SD Switch which you could then manage via IC2 along with the Balance and AP but that is a somewhat more expensive option but certainly the most unified approach in terms of management and monitoring from one location! 
Is it possible for the Balance series (specifically Balance 20X) to control the AP on a Surf SOHO MK3? If so, does that work with the SOHO connected to the Balance via a LAN port on the SOHO, or would the SOHO need to be connected to the Balance via the WAN port on the SOHO?