Issues - Twin Soho Surfs - One as router, one as AP

Product Discussion Pepwave AP & Surf
#1

Good afternoon,

I’m having some issues with my new configuration. I’ve had a Soho Surf Mk3 for years and love its stability and functionality. I purchased a second one to use solely as a wireless access point/network extender in my home to ensure good signal and speed. I’ve done as much as I can figure to do, and although I’m sure the answer is simple, I’m stuck. Here’s what I’ve done:

  1. Direct wired connection from LAN port on Soho Surf router downstairs to LAN port on Soho Surf access point upstairs.

  2. Assigned upstairs access point IP address 192.158.50.2 - downstairs router is 192.168.50.1.

  3. Disabled DHCP on upstairs access point.

  4. Mirrored Wifi AP settings on both devices (SSID, security, etc).

  5. Verified and selected separate wireless channels for each.

  6. Mirrored port forwarding from downstairs router to upstairs access point.

  7. ATTEMPTED to create a WAN on upstairs access point with Static IP of xxx.11, default gateway set to downstairs router IP, DNS 8.8.8.8. Didn’t seem to connect. This was my basic idea of how to get that access point work for internet access. Also not sure if IP passthrough needs to be selected but I’m hesitant to as I’ve “lost” other devices on networks with that feature sometimes.

Any assistance you all can provide would be much appreciated. I’m savvy enough to do most of this but nowhere near the abilities of most of you.

Thanks,

Dan

#2

Hi Dan - welcome to the forum!

The SOHO acting purely as an access point is a little overkill and since its technically a router with an access point built in, its going to require a little bit more config.

The easiest way to set this up, is to do a wired connection from the LAN of the SOHO downstairs (lets call this one primary) to the WAN of the one upstairs (Secondary). Then change the default network subnet to something else (ie 192.168.51.1 ) Then configure the SSID on the secondary and you’ll have a WIFI bubble upstairs to connect to.

The only issue with that is the Primary will see all traffic from clients connected to the secondary as coming from a single IP (the WAN IP address of the secondary) which is fine if you don’t need any advanced outbound policies to control traffic flow or any port forwarding / firewall configs to those devices (connected to the secondary soho).

However, if you do want to have visibility of the individual client / device IP addresses hanging off the Secondary soho and what they are doing bandwidth wise individually on the primary soho, then you need to do the following:

  1. Reserve an IP address on the primary for the WAN of the secondary (so the secondary’s WAN IP doesn’t change) or set a static IP there (ie 192.168.50.2).
  2. add a static route to the primary for 192.168.51.0/24 and point it to the static (or dhcp reserved) IP assigned to the secondarys WAN ie 192.168.50.2.
  3. On the secondary SOHO change the WAN routing mode from NAT to IP Forwarding
2 Likes
#3

Hi Martin,

Thanks so much for the welcome and especially for your time in responding. I’ve attempted to do as you suggested, but I’m coming up empty. The one thing I cannot seem to figure is how to change the default network subnet of the secondary to 192.168.51.x. The only place I can seem to do that is in DHCP which I have disable since I don’t want the upstairs (secondary) assigning IP’s. I’d prefer the downstairs (primary) assign all IP’s and policy and the upstairs merely function as a mirrored SSID access point. Maybe I am wrong here?

I did do a MAC ID DHCP reservation on the primary for the WAN MAC of the secondary:

image
image.png1712×1424 218 KB

#4

Sorry, had to split into two posts:

I’ve configured the WAN of the secondary (upstairs) as you see here:

image
image.png1584×1458 294 KB

I cannot seem to add the static route you suggest. In any event, with these settings the upstairs (secondary) will not show an active WAN and is not accessible until I relocate my ethernet cable to a LAN port (which I do in order to access the device for configuration).

I’m sorry to ask for more of your expertise, but this has me confounded.

Thanks again,

Dan

#5

Got to the LAN settings on the secondary (same as you show above but on the other SOHO) and change everywhere that says 192.168.50 to 192.168.51 then click save and apply. From that point onward you will have to access the secondary SOHO on its new IP address http://192.168.51.1

image

Yes wrong. The SOHO is a router, the WIFI is on the LAN and we want to connect it to the downstairs primary SOHO using its WAN so you need the upstairs secondary router to have a different subnet range and for it to allocate that to the connected devices. Thats why we set the LAN IP to 192.168.51.1 and the DHCP range to 192.168.51.10-192.168.51.100.

On the downstairs primary SOHO navigate to Network > LAN | Network Settings and fill in the Static Route settings like this:

image
image.png833×130 7.47 KB

Then Click Save an Apply.

1 Like
#6

Actually. I guess although what I’m saying is ‘right and proper’ its not the simplest way to do this.
If you really just want to use the SOHO as you would a cheap Access Point then you could on the secondary SOHO:

  1. Set the LAN IP to 192.168.50.3
  2. turn off DHCP server
  3. Create a SSID that is the same as the one downstairs (same name, same password)
  4. Connect the LAN of the SOHO downstairs to the LAN of the SOHO upstairs.

Then the one downstairs would be the primary gateway / DHCP server and the SOHO upstairs just acts as an AP.

Just seems a shame since you lose out on all the good stuff the upstairs SOHO could do - but then maybe you really don’t need that… and if you don’t, then sell the SOHO on ebay and get a Pepwave AP Pro for upstairs :wink:

2 Likes
#7

Martin,

Thank you so much once again for your time. I’m attempting to configure this second unit for maximum functionality. Tomorrow I’m going to factory reset it to ensure that I haven’t made an error - start clean and see what happens. Just to be sure…was my WAN configuration for the secondary (upstairs) correct? I imagine that it will still be IP forwarding even though we’re going to allow the secondary to use DHCP on a different subnet. In the WAN setting for the upstairs, under IP, I imagine that’s the same as the LAN IP of that unit, i.e. 192.168.51.1 (as you suggested). The gateway would have to be 192.168.50.1 (the downstairs router).

Also, I was hoping you could confirm the setting you suggested on the Static Route to be installed on the downstairs (primary)…Destination network and Gateway. Also, just to confirm, I’ll need to change the DHCP reservation on the downstairs router to match the LAN MAC of the upstairs router as well as alter the reservation for the new LAN IP of 192.168.51.1

Thanks again for your time…hoping to nail this down tomorrow and see that green WAN status on the second router. I truly appreciate the help!

#8

Yes still IP forwarding.

No WAN IP of upstairs unit has to be in the LAN subnet of downstairs unit. I would suggest you set the WAN IP to 192.168.50.2 (Assuming downstairs LAN IP is 192.168.50.1)

No. Either set the WAN IP of the upstairs SOHO manually to 192.168.50.2 or set it to DHCP then when it connects go to the downstairs SOHO and reserve the DHCP IP it has been assigned. Remember to update the static route on the downstairs SOHO to forward all traffic for 192.168.51.0/24 to the upstairs SOHO WAN IP (ie 192.168.50.2).

2 Likes
#9

Hi Martin did It worked?

#10

Hi Andres (welcome to the forum!) - there is no reason I could think of why it wouldn’t work…

#11

I am trying to do the same thing - effectively use the Soho as a managed switch with wifi. I have multiple vlans that I want to move back and forth between the Soho and a Balance One, so I would prefer to have one DHCP server and keep the IP addresses of the networks consistent. The only trouble I have is that once I disable the DHCP on the Soho, I can no longer access it. The balance does not assign an address to the Soho, nor does it utilize the reservation I have established. Is it still living on 192.168.50.1 somehow? Any ideas on how to “find” it?

Alternatively, I have tried the method that creates a separate network on the Soho. I even set the static route on the Balance. As soon as I switch from Nat to IP forwarding, however, I lose everything. I cannot trigger assignment of the IP address to the Soho (using IPCONFIG) and I have no internet or access to the Soho. The Balance does show it as being connected to the reserved IP address though.

For now, I am leaving it as what i believe is a typical dual Nat setup, but I want to be able to blend these networks to share a printer and hopefully isolate the vlans

#12

If you don’t see the SOHO on your Balance One as a LAN client then try connecting to it directly via Ethernet and a computer (lan port) to access its web admin. Make sure it’s not plugged into anything else. (Disconnect WAN and any other LAN port)

if you can access the web admin, from there you should be able to do what you have to do to turn it into an AP.

  1. Disable ALL DHCP.
  2. set up your networks on the SOHO as they are on the balance One
  3. Disable WAN health checks (since you won’t be connecting the WAN anymore)
  4. Connect a SOHO lan port to a LAN port on the balance One.
  5. Check the port type on the Balance One and SOHO and make them both TRUNK ANY.
  6. If you see the SOHO in your client list on the Balance One, reserve the IP from there, otherwise add the SOHO MAC address to DHCP reservation list manually on the Balance One.

Make sure your not connecting to the SOHO wan port from the Balance One. Connect LAN to LAN trunk any on both ends.

if that doesn’t work, factory reset the SOHO and start from scratch using steps above once connected to web admin.

Hopefully I didn’t miss anything.

#13

Thanks so much for the input. I had replied, but must not have posted it properly…

In any case, I have been doing just this have actually done numerous hard resets, because that is the only way to get back into the web interface.

The trouble I have is that the surf soho behaves properly and lets the main router assign up addresses, but for some reason, the surf soho never takes the reserved one or any other. As a result, while the device is on the network, it cannot be reached in order for me to make additional adjustments.

I am sure to have disabled dhcp on each of the individual networks, I know I am connected to the lan ports on both ends and they are set to trunk/any. I also have latest firmware running. I’m at a loss to explain it. The surf soho connects perfectly if I turn it back into a router. Then it grabs the reserved up address every time.

Do I throw in the towel and just run a separate set of networks with ip forwarding in lieu of Nat? I believe that will give me some of what I’m looking for, but may compromise the isolation of my vlans…? I’m not sure exactly how all of that will work.

#14

OK, I think I have figured this out. The my un-tagged network runs from 2 to 255, but the static IP assigned to the SOHO ended in 8. I needed to define the un-tagged network on the SOHO as running from 8 to 255. In that case, it remains accessible through the web interface. The Balance One forces it to use the right IP address, but for some reason shows it as disconnected in the client list. So be it. At least it now works and I don’t have to worry about connecting two networks unnecessarily.

1 Like
#15

In order to use my old Surf SOHO as an AP & switch in conjunction with a Balance 20X router, I placed the Surf SOHO in drop-in mode with the B20X listed as WAN default gateway and enabled DHCP relay on the Surf SOHO with the B20X listed as DHCP Server IP Address. (The cable from one of the B20X LAN ports is plugged into the WAN port of the Surf SOHO.) This setup maintains the DHCP reservations I’ve already established for my various devices in the B20X DHCP assignment table without any additional special setup on the Surf SOHO.

#16

Great advice. Is your B20x also doing WiFi or just the Surf SOHO?

#17

The B20X and Surf SOHO are both doing wifi. (InControl2 is handling SSID management.)