New TP-Link access points not passing DHCP

I picked up two TP-Link EAP610s to replace some old Ubiquiti equipment. Currently I use pfSense for my firewall/router and it is connected to an Aruba S2500 as well as a Cisco SG300. I set up the Omada controller software on a VM and configured the VLANs as well as the SSIDs to match what the Ubiquiti setup has been. The problem was that the SSID that lives on the “main” VLAN doesn’t pass the DHCP addresses when I replaced them in our house. Last night I created a random SSID on the same VLAN with the same settings as our typical SSID and it passed the DHCP info to both my phone and laptop. I’d like to keep the old SSID if possible. When I switch back to the Ubiquiti access points it all functions again. What am I missing?

When you say ‘main’ VLAN are you saying vlan1? I haven’t messed with Aruba before, but does it need to have the VLAN tags configured on the controller or need to specify the native VLAN?

Can you connect to the WiFi and then manually enter the IP address to see if you have connection?

@xMAXIMUSx, thanks so much for your response. Yes, my ‘main’ VLAN is vlan1. As far as the second question goes, I think I understand what you’re asking. I do have the Aruba VLAN tags set up and double checked to ensure that both ports connected to the access points were tagged with all applicable VLANs. I also have configured the wired network VLAN1 information including my pfSense IP as the gateway in the Omada controller as well.

I did try a static IP within the appropriate range on my phone last night; I wasn’t able to view a local web interface via an IP that I normally should. I will however test further with my laptop later tonight.

Thanks again

Physically everything is the same and you just swapped out the old APs for new ones? It sounds like a TP-Link configuration issue. It looks like you have multiple VLANs. Do you have to make a trunk profile? I’m sure it’s something simple that’s being overlooked. I’m not familiar with those. I use a Nighthawk flashed with OpenWRT as my AP. That was a real blast to set up.

I have a TP-Link EAP 245 running with the controller software.
In the config you have to define a management VLAN. While I’ve done this, I don’t know what happens if this isn’t set.

If you intend to run multiple VLANs then you will have to have them passed via a trunk port.

Last night I found the Management dropdown for each AP. I set them to the main VLAN I use and then installed the two access points. Each device that connected ended up with a link local IP. I tried setting my laptop to a static IP in the appropriate range but was unable to even ping the router. I may try to set up a dedicated management VLAN and see if that helps. I’ll keep digging and see what I can find, but I’m curious if anyone has any ideas.

I’m not totally clear on your setup.

However, on mine it’s

pfsense ->> switch ->> AP

I have the AP connected to the switch via a trunk port passing all the VLANs. The device itself is on the management VLAN, and the controller is too.

I believe if your AP / controller are both on the same network then you should be able to set up one SSID on that network and it should work. You can also set up a single AP without the controller software too; you might want to test it.

@neogrid thanks so much for the thoughts. My setup is virtually the same as yours. Tonight I went so far as to create a management VLAN and have tried using both my main and new management VLANs enabled as management. With that box checked on any access points, the GUI for Omada shows that the AP had “disconnected”.

I’ve now tried to connect to the TP-Link with each AP as a standalone configured via the web interface, and configured each AP through the controller software. And again, the moment I try to connect to them either through my phone or my laptop I get a link local address. If I attempt to set a static IP and connect to the router, the device times out. I’ve double and triple checked that the lines between the pfSense box and the switch as well as the lines between the switch and the access points are trunk lines with all VLANs tagged in each line.

Does anyone have any other thoughts or suggestions?

I think you must have a config error in pfSense or not set up your trunk correctly.

However, setting up the AP isn’t that difficult if the above is correct.

These are my settings; most other settings I have left on default.

As I mentioned, you can run a single AP without the controller. I would do that and see if it works for you. The settings are basic so how you need to configure it should be clear.

@neogrid Thanks a ton for sharing the info. I did simplify a bunch this morning and more testing tonight. I’ve actually been bouncing the APs between two switches. It’s easier for me to physically connect a switch in our laundry room (a small TP-Link) to reset and reprogram etc. Once I was ready to test settings for “real” I’d attach them to the ceiling and see if other devices would act the same as my phone.

This morning I reset one of the APs and entered one SSID on VLAN one. I connected my phone to the SSID and was able to get an IP from the DHCP server while the AP was in the laundry room. Then when I installed it on the ceiling in the garage and tried to connect to the same SSID that I just tested, no address from the DHCP server, another link local address. I have a feeling the issue is with tagging. The Aruba S2500 has an access VLAN and a Native VLAN setting for trunks. Could that be part of the problem? I’ll try to dig a little more into VLAN specs and see if the Aruba might be following an older spec than the AP can communicate with and what the Native and Access VLAN lingo is about.

Ah ok, I think I understand your layout: your router goes to two different switches, then you connect an access point to each switch.

If the above is your setup, to exclude your AP config, if you have a 3rd management switch handy, connect it to your other switch to see if you have configured the port correctly, I’d do this to both switches. That way you know all traffic is being passed on the port you are connecting the AP to.

Then I’d set up the 1st AP in Omada, make sure that works, then set it in mesh mode, then add the 2nd AP; you ought to be able to add this in mesh mode too. I don’t have a 2nd AP myself, so it’s a bit of theory; mesh mode should work seamlessly. If you add the second AP without mesh, I expect it should still work and clients can connect to the AP, but I would think the client just sticks to that one even if it’s closer to the other AP on the same SSID.

When I was first setting up my Netgear switch I noticed the VLANs 1-4 were defaults, so I started numbering my VLANs from 10, 20 etc. Personally I don’t use the LAN which is on 1 for anything as such. Perhaps if you avoid passing traffic on VLAN 1 that might clear it up a bit.