Hello,
I have been using an AP One AC Mini behind a Balance 20 and also a SOHO with very simple configurations for several months with no problems.
I recently setup a SOHO router with a VLAN for DMZ/Guest support for miscellaneous Internet of Things like webcam, smart home hubs, etc that I “do not trust”. The Internal SOHO WiFi and works flawlessly. One SSID is the main LAN and a different SSID for the VLAN (different subnet). I then enabled port type “access” and assigned Port #1 to the VLAN. This also works great and can connect some Ethernet cabled Webcams to the DMZ VLAN.
However when I connect the AP One AC Mini to the SOHO router the connecting clients can not obtain a DHCP address like the internal WIFI SSIDS can. Makes no difference if the AC Mini SSID is for the internal LAN or VLAN. Makes no difference if the AC Mini is attached to the VLAN port or to a regular LAN port. However if I turn off the VLAN Port, but leave the VLAN definition for internal WiFi SSIDs then clients connecting to the AC Mini SSIDs can get DHCP IP addresses. Does not seem to care which actual port the AC Mini is connected to. Same issue if I factory reset the AC Mini with Default settings and SSID. Then If reconnect the AC Mini to the Balance 20 or other SOHO router with no VLAN it always works.
I have spent many weeks on this problem with my retail support. They find nothing wrong. I have backed and restored the configurations. Reset factory and manually rebuild as requested. Still no solution. Please help!!!
Surf SOHO firmware is V6.3.1 build 2023
AP One AC Mini firmware is V3.5.3 build 1607
That is one of the configurations I have tried and while the AC Mini itself can get an IP address, it is the wireless clients that can’t get an IP address when connecting to the AC Mini. Also to make it clear which AP I am testing each SSID is unique. It also turns out as I am typing this reply I have turned off the LAN1 port access to DMZ(vlan1). At this moment all ports settings are port “Trunk” and “Any”. As I encountered this problem I also started experimenting with InControl2.
Base on the description given above, the setup is working now with the Surf SOHO default Trunk ports.
Do note that for Surf SOHO, if you enable port base VLAN settings (Define each ports using Trunk or Port access), Trunk port option for un-tagged VLAN (Default LAN) is unavailable. You need to make sure all SSIDs defined at the AP One AC Mini are assigned under VLANs and this include the AP Management VLAN.
Did you try before the following setup:
Surf SOHO:
VLAN settings:
Untagged: LAN
DMZ VLAN: 1
Other VLAN: 2
Management VLAN: 3
Physical interfaces:
LAN1 - Port access DMZ (VLAN1)
LAN2 - Port access LAN
LAN3 - Connect to AP One AC Mini (Trunk with Customize VLAN 1, VLAN 2 and VLAN 3)
LAN4
AP One AC Mini:
AP management (VLAN3)
SSID_DMZ (VLAN ID 1)
SSID_Other (VLAN ID 2)
Hi. I realise that this thread is old, but it almost exactly replicates what I am trying to achieve with the same hardware. However, when I create the management vlans on both the surf soho, and the ap one ac mini, and then assign the management vlan id on the ac mini, the configuration is saved, then applied, but the change is lost when i return to the settings page - the management vlan id is still shown to be Base (no vlan). And all the connections from APs assigned to a vlan do not work. What am I doing wrong? Duncan.
Thanks. I will do that. However, I have tested the setup with my managed switch removed, and this initially seems to be working. So, my problem is probably with my configuration of the switch. This is a small TP Link device. I presume that I should set this up to send and receive tagged traffic on both the port to the AP One AC mini, and the Surf Soho. I need to check how to do that.
I have now removed the managed switch between the AP One AC Mini and the Surf Soho, and each wireless client added to the AP One AC Mini gets allocated the correct IP address. However, when I select the Managament VLAN Id on the AP Settings page to Management (5) on the AP One AC Mini, the change is accepted, saved, and then applied, but when I return to the page, it has gone back to the default of Untagged LAN (No VLAN). I can see the WiFi clients on the status page of the Surf Soho, but they show up as a direct Ethernet connection. Do I need the Management VLAN ID? What does it do?
Sorry for the screenshot overload, but I wanted to give the full picture,
Thanks very much.
@duncanmead, since you set VLAN 5 as management VLAN in SOHO, you should set VLAN 5 as management VLAN in AC Mini at Network > WAN > WAN 1. Please find the screenshot below for better understanding.
Is the AP>Settings>Management VLAN ID still a web UI bug?
I notice upon changing this setting from untagged (No VLAN) to a VLAN, the attached AP mini will update the settings in Network>WAN>WAN1 to the VLAN ID of the same corresponding VLAN, and also give the AP mini a new DHCP IP address within the newly designated Management VLAN ID network. Than shortly after the settings update the AP mini drops it’s connection to the router (Balance 20x) and goes off-line. Even after restart of the AP mini will end up off-line.
To fix the issue I change the Management VLAN ID back to (No VLAN) and the AP mini will now connect to the router, Network>Wan>Wan1 VLAN ID changes back to unassigned, and the IP address of the AP mini goes back to the untagged network.
For what it’s worth, I also have under System>Admin Security>LAN connection access set to the same VLAN.
Here is what I am trying to do:
I am preparing to install some managed switches from Netgear and my understanding, from reading the forums and Sitloongs post above, is that it’s best to keep all traffic assigned to VLANs in order to make it easier to assign trunking and VLANS on third party switches. Using only VLANs for traffic also creates a more secure network. My plan was to do just that- take our primary household (untagged) LAN which is also the one used for router/AP management and move it to a VLAN. The untagged LAN would essentially become an unused network.
Is it best to leave the AP management within the untagged LAN? It appears that changing the Management VLAN id setting which is supposed to tag management traffic with the designated VLAN id is causing some issues with the router connecting to the AP mini.
hardware:
Balance 20x firmware 8.2.1 build 5191
AP Mini firmware 3.9.1 build 1088
The AP Mini configuration is managed by the Balance 20x AP controller.