Problems getting AP One AC Mini working with SOHO router with VLAN Port enabled

Hello,
I have been using an AP One AC Mini behind a Balance 20 and also a SOHO with very simple configurations for several months with no problems.

I recently setup a SOHO router with a VLAN for DMZ/Guest support for miscellaneous Internet of Things like webcam, smart home hubs, etc that I “do not trust”. The Internal SOHO WiFi and works flawlessly. One SSID is the main LAN and a different SSID for the VLAN (different subnet). I then enabled port type “access” and assigned Port #1 to the VLAN. This also works great and can connect some Ethernet cabled Webcams to the DMZ VLAN.

However when I connect the AP One AC Mini to the SOHO router the connecting clients can not obtain a DHCP address like the internal WIFI SSIDS can. Makes no difference if the AC Mini SSID is for the internal LAN or VLAN. Makes no difference if the AC Mini is attached to the VLAN port or to a regular LAN port. However if I turn off the VLAN Port, but leave the VLAN definition for internal WiFi SSIDs then clients connecting to the AC Mini SSIDs can get DHCP IP addresses. Does not seem to care which actual port the AC Mini is connected to. Same issue if I factory reset the AC Mini with Default settings and SSID. Then If reconnect the AC Mini to the Balance 20 or other SOHO router with no VLAN it always works.

I have spent many weeks on this problem with my retail support. They find nothing wrong. I have backed and restored the configurations. Reset factory and manually rebuild as requested. Still no solution. Please help!!!

Surf SOHO firmware is V6.3.1 build 2023
AP One AC Mini firmware is V3.5.3 build 1607

Dave

Hi Dave,

Can you please confirm the below info for us to further understand the defined setup:

Surf SOHO:

VLAN settings:

  • Untagged VLAN: LAN
  • DMZ VLAN: 1

Defined SSIDs:
SSID_LAN (Assigned to LAN)
SSID_DMZ (Assigned to VLAN 1)

Physical interfaces:
LAN1 - Port access DMZ
LAN2 - Port access LAN
LAN3 - Connect to AP One AC Mini (Tested with untagged VLAN or VLAN)
LAN4

AP One AC Mini:
SSID_LAN (VLAN ID 0)
SSID_DMZ (VLAN ID 1)

With the above setup when you connect a device to SSID_LAN & SSID_DMZ for the AP One AC mini you can’t obtain IP address from Surf SOHO ?

Thank You

1 Like

That is one of the configurations I have tried and while the AC Mini itself can get an IP address, it is the wireless clients that can’t get an IP address when connecting to the AC Mini. Also to make it clear which AP I am testing each SSID is unique. It also turns out as I am typing this reply I have turned off the LAN1 port access to DMZ(vlan1). At this moment all ports settings are port “Trunk” and “Any”. As I encountered this problem I also started experimenting with InControl2.

P.S. I should have mentioned that since all ports are now “Trunk” and “Any” wireless clients can now connect to the AC Mini and get IP adresses.

Hi Dave,

Base on the description given above, the setup is working now with the Surf SOHO default Trunk ports.

Do note that for Surf SOHO, if you enable port base VLAN settings (Define each ports using Trunk or Port access), Trunk port option for un-tagged VLAN (Default LAN) is unavailable. You need to make sure all SSIDs defined at the AP One AC Mini are assigned under VLANs and this include the AP Management VLAN.

Did you try before the following setup:

Surf SOHO:

VLAN settings:
Untagged: LAN
DMZ VLAN: 1
Other VLAN: 2
Management VLAN: 3

Physical interfaces:
LAN1 - Port access DMZ (VLAN1)
LAN2 - Port access LAN
LAN3 - Connect to AP One AC Mini (Trunk with Customize VLAN 1, VLAN 2 and VLAN 3)
LAN4

AP One AC Mini:
AP management (VLAN3)
SSID_DMZ (VLAN ID 1)
SSID_Other (VLAN ID 2)

Thank You

1 Like

Hi. I realise that this thread is old, but it almost exactly replicates what I am trying to achieve with the same hardware. However, when I create the management vlans on both the surf soho, and the ap one ac mini, and then assign the management vlan id on the ac mini, the configuration is saved, then applied, but the change is lost when i return to the settings page - the management vlan id is still shown to be Base (no vlan). And all the connections from APs assigned to a vlan do not work. What am I doing wrong? Duncan.

@duncanmead

May i know the firmware version running for your AP and SOHO router ? Beside that, can you please share the configuration screenshot here ?

1 Like

Thanks. I will do that. However, I have tested the setup with my managed switch removed, and this initially seems to be working. So, my problem is probably with my configuration of the switch. This is a small TP Link device. I presume that I should set this up to send and receive tagged traffic on both the port to the AP One AC mini, and the Surf Soho. I need to check how to do that.

Regards,

Duncan Mead

@duncanmead

You are in the right tracks now. If you have the switch in between the AP & the SOHO device, make sure the VLAN ID properly carried out.

1 Like

OK, AP One AC Mini firmware 3.7.0s006 build 1015
Surf Soho firmware 7.1.2 build 1387
AP One AC Mini screenshots:






Surf SOHO screenshots:





I have now removed the managed switch between the AP One AC Mini and the Surf Soho, and each wireless client added to the AP One AC Mini gets allocated the correct IP address. However, when I select the Managament VLAN Id on the AP Settings page to Management (5) on the AP One AC Mini, the change is accepted, saved, and then applied, but when I return to the page, it has gone back to the default of Untagged LAN (No VLAN). I can see the WiFi clients on the status page of the Surf Soho, but they show up as a direct Ethernet connection. Do I need the Management VLAN ID? What does it do?

Sorry for the screenshot overload, but I wanted to give the full picture,
Thanks very much.

@duncanmead, since you set VLAN 5 as management VLAN in SOHO, you should set VLAN 5 as management VLAN in AC Mini at Network > WAN > WAN 1. Please find the screenshot below for better understanding.

The Management VLAN ID in AP > Settings is a web UI bug. We will remove it in 3.7.1.

Sorry for the inconvenience caused.

1 Like

Is the AP>Settings>Management VLAN ID still a web UI bug?

I notice upon changing this setting from untagged (No VLAN) to a VLAN, the attached AP mini will update the settings in Network>WAN>WAN1 to the VLAN ID of the same corresponding VLAN, and also give the AP mini a new DHCP IP address within the newly designated Management VLAN ID network. Than shortly after the settings update the AP mini drops it’s connection to the router (Balance 20x) and goes off-line. Even after restart of the AP mini will end up off-line.

To fix the issue I change the Management VLAN ID back to (No VLAN) and the AP mini will now connect to the router, Network>Wan>Wan1 VLAN ID changes back to unassigned, and the IP address of the AP mini goes back to the untagged network.

For what it’s worth, I also have under System>Admin Security>LAN connection access set to the same VLAN.

Here is what I am trying to do:
I am preparing to install some managed switches from Netgear and my understanding, from reading the forums and Sitloongs post above, is that it’s best to keep all traffic assigned to VLANs in order to make it easier to assign trunking and VLANS on third party switches. Using only VLANs for traffic also creates a more secure network. My plan was to do just that- take our primary household (untagged) LAN which is also the one used for router/AP management and move it to a VLAN. The untagged LAN would essentially become an unused network.

Is it best to leave the AP management within the untagged LAN? It appears that changing the Management VLAN id setting which is supposed to tag management traffic with the designated VLAN id is causing some issues with the router connecting to the AP mini.

hardware:
Balance 20x firmware 8.2.1 build 5191
AP Mini firmware 3.9.1 build 1088
The AP Mini configuration is managed by the Balance 20x AP controller.

Thanks, Erik