Problem with VLAN on ZYXEL AP NWA210 and multiple SSIDs

Options
Sven_K
Sven_K Posts: 3
edited August 2022 in WirelessLAN

Hi,

 

who can help us? We have a problem with a new Zyxel WLAN AP NWA210AX.

 

We need to config it in standalone mode.

Firmware: V6.20(ABTD.0)

We want to use two SSIDs for example

SSID1               VLAN 1             WPA3              1111111111

SSID2               VLAN 11          WPA2              2222222222

The AP ist connected by cable to a firewall Sonicwall TZ270.

LAN packets from the firewall for SSID1 are untagged.

LAN packets from the firewall for SSID2 are tagged with VLAN 11.

The function oft he firewall was testet with a PC.

We unplugged the cable from the AP an plugged it to the test PC.

Depending oft he VLAN tag oft he PC network card the PC gets an IP from the correct subnet by DHCP.

If we plug the cable out oft he PC into the AP we have the following problems:

WLAN client connected to SSID1

            client gets an IP by DHCP from the VLAN 1

            all works fine

WLAN client connected to SSID2

            client gets no IP by DHCP from the VLAN 11

            no connection

            manual setting of a possible IP from the correct subnet does not help

            no connection

 

WLAN client connected to SSID2 we can see in the firewall protocol no packets tagged with VLAN 11

and we cannot find the MAC oft he WLAN client in the protocol.

 

LOG of the firewall while testing with an PC on the LAN-cable. The ethernet card of the PC is tagged with VLAN 11.


LOG of the firewall while testing with the AP and a WLAN client connected to SSID1


No LOG entrys while testing with the AP and a WLAN client connected to SSID2

 

In the web interface of the AP we can see the WLAN client connected to SSDI2



Connected to SSID2 the WLAN client sends an ARP call without any answer. After timeout the WLAN client uses the IP 169.254.65.55

This IP we can see in the web interface oft he AP.

 

Who can find the mistake?

 

Screenshots of the AP:





 

 

 

Best Answers

  • Zyxel_Richard
    Zyxel_Richard Posts: 218  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi,

    From the screenshot you provided, the configuration on SSID is correct - the AP should forward the clients packet out with the correct VLAN tag.

    Please first make sure the Ethernet cable is connect to AP's [UPLINK] port (Not the LAN port), if the issue still occurs, please help us to collect the diagnostic info on the GUI, and send it to me through the private message.

    GUI Directory for collecting the Diagnostic Info:


    Best Regards,
    Richard
  • Zyxel_Richard
    Zyxel_Richard Posts: 218  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi,


    After double check the screenshot you provided, found one thing strange: The Ethernet client configured in VLAN11 (192.168.2.51) got the IP address in the same subnet as the wireless client connected to SSID1 which is in VLAN1(192.168.2.76).

    So please make sure your gateway setting is correct and able to handle the VLAN11 traffic correctly. (It's also welcome if you can post the screenshot of how you configure your gateway interface and VLAN)

    Besides, your SSID setting is correct, which means the AP correctly send the packets out with tagged 11.

    Best Regards,
    Richard

All Replies

  • Zyxel_Richard
    Zyxel_Richard Posts: 218  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi,

    From the screenshot you provided, the configuration on SSID is correct - the AP should forward the clients packet out with the correct VLAN tag.

    Please first make sure the Ethernet cable is connect to AP's [UPLINK] port (Not the LAN port), if the issue still occurs, please help us to collect the diagnostic info on the GUI, and send it to me through the private message.

    GUI Directory for collecting the Diagnostic Info:


    Best Regards,
    Richard
  • Zyxel_Richard
    Zyxel_Richard Posts: 218  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi,


    After double check the screenshot you provided, found one thing strange: The Ethernet client configured in VLAN11 (192.168.2.51) got the IP address in the same subnet as the wireless client connected to SSID1 which is in VLAN1(192.168.2.76).

    So please make sure your gateway setting is correct and able to handle the VLAN11 traffic correctly. (It's also welcome if you can post the screenshot of how you configure your gateway interface and VLAN)

    Besides, your SSID setting is correct, which means the AP correctly send the packets out with tagged 11.

    Best Regards,
    Richard
  • Sven_K
    Sven_K Posts: 3
    Options
    Hi Richard,

    thank you very much for carefully reading. I will test this again und search more intensive on the other site of the LAN cable.
    After this i will give you a feedback.
    Thank you again und best regards.

    Sven

  • Sven_K
    Sven_K Posts: 3
    Options
    Hi Richard,

    the IP 192.168.2.... is from out management network. In my tests today I used one firewall port for the management VLAN 1 and another firewall port for some other VLANs (11,12,13, ...).  In this constellation all VLANs are working and the WLAN client gets the correct IP by DHCP over the Zyxel AP. I will do more tests in the next days with the firewall but i think its not the problem of the AP. 

    Many thanks for your help.
    Sven



Categories

WLAN Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)