Multiple VLANs with NWA50AX and dumb router
Freshman Member
Hi! I've seen a couple of threads on similar topics, but none that helped me unfortunately.
I'm trying to set up my NWA50AX so that each of two SSIDs is used by a different VLAN. I'm running the AP behind two GS1900-24E switches and a dumb router (no VLAN support) that is also the DHCP server. I've got disjoint VLANs working on both switches, but failed every attempt to include both VLANs on the AP. SSID1 with VLAN 1 works just fine, SSID200 with VLAN 200 never receives an IP address, so the packets to or from the router get dropped somewhere.
My current assumption is that the AP somehow is unable to forward the untagged packets that return from the router to the appropriate SSID that hosts the target IP. Maybe it forces PVID 1 and thus all untagged packets that should go to SSID200 are dropped? I have a strong feeling that something is going on in the AP under the hood that is preventing my setup. Of course it's still more likely that the problem is in front of the screen and I've just tried so many things that I don't see the real problem, so I'm hoping somebody can help me out.
I'll be happy to send out the current settings I'm using on the switches and the AP, but I'm not convinced they are helpful just yet, because I've got a variety of things working and I've tried a variety of settings for the port "paths" between AP and router and none got me past "SSID1 works, SSID200 doesn't".
All Replies
-
Hi @Decado ,
To ensure your wireless clients can effectively utilize VLANs, I recommend upgrading to a VLAN-supported router. For network synchronization, I suggest considering one of the following Zyxel firewall/routers, all of which support VLAN functionality
Engage in the Community, become an MVP, and win exclusive prizes!
0 -
Right, I can spend money to solve the problem. Or I can try to solve the problem without spending money, which is what I need help with. If there is no solution I'd like to learn and understand why, and will be happy to spend money afterwards.
1 -
I bought a USG LITE 60AX which does all I want. I would still like to understand the problem I was having initially for my own education:
My current assumption is that the AP somehow is unable to forward the untagged packets that return from the router to the appropriate SSID that hosts the target IP. Maybe it forces PVID 1 and thus all untagged packets that should go to SSID200 are dropped?
0 -
Your dumb router has one untag LAN subnet tags do not work on it so AP sends a tag to a router that allows untag packets.
Their might of been a way to use many ports on the switch and router to untag a tag to the router but this would still mean your on the same subnet.
0 -
I had a similar problem and it turned out that one of my dumb (unmanaged) switches did not support VLAN pass-through. It was a TP Link 2.5G switch. When I changed it with a Netgear, all the VLAN's started working. It took me a while to figure it out, but some dumb switched (even new ones) do not support VLAN pass-through. I also have a Zyxel MG-108 in my network, and it passes through the VLAN's as well.
George
0 -
Thanks for chiming in guys!
The router reiceives only untagged packets - I set up the GS1900-24E that sits between to "untagged" for all VLANs (otherwise no device on a VLAN would even be able to talk to the DHCP). VLANs on the switch work perfectly fine in my setup, it's just the second SSID on the AP that somehow can't talk to the DHCP (the first one, being explicitly tagged as VLAN1 can!).
So I'm sure that VLAN tags work in all of the network except the router, but setting that one explicitly to receive only untagged traffic worked fine for all cases except the one with the AP involved.
0 -
All your really do is making another SSID on the same network so make the SSID on VLAN 1
0 -
There's one SSID on VLAN 1 which works fine. The second one I'm creating, which I don't want on VLAN 1 but on VLAN 200, is the problematic one, it never receives an IP.
0 -
But it would of made no difference with a dumb router if you have different SSID on different VLANs the result would be your getting the same IP subnet the dumb router gives out.
0
Zyxel Employee
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
