I’m having an issue with configuring my TP-Link EAP615-WALLv1 AP and hoping someone can help me out. Here’s brief run down of my setup and what I’m trying to do…..
Network setup
Arris Modem —> (WAN) pfSense SG2100 (LAN port 2) —> (port 20, VLAN20) Netgear GS728TPv2 (port 19, VLAN20) —> TP-Link EAP615-WALLv1 (being used as an AP only)
There’s more to the setup but this is what I’m focusing on for now.
So I flashed the latest version of OpenWRT (v23.05.2) and have configured it accordingly It has a static IP of lets say 192.168.20.2 and I’ve created an SSID. I want to add a guest SSID and have on VLAN21, however I can’t seem to get it working. The switch port that the AP is connected to has VLAN21 as tagged. After reading some info online from this webpage, it looks like I have to configure the AP differently than its current configuration (this page says the device needs to be configured using the newer DSA-based VLAN switch configuration). I’ve tried to follow the examples but I end up losing connection and can’t get back to it.
Can someone give me some guidance/suggestions on how to get it configured properly? If you need any info, I will gladly provide it. TIA
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
cat /etc/config/wireless
Hi @psherman, thanks for the response. Below is the output of what you requested. Please note that I haven't set anything up yet since I had to reset the device the last time I tried to configure it and only have basic configuration to access it. Also wifi doesn't have the guest wifi yet due to previous reason.
I should have asked you what physical port is used to connect the EAP615-WALL to the upstream switch, but I'll assume it is lan0. If it is something else, you can adapt acordingly.
Start by adding two bridge-vlans:
config bridge-vlan
option device 'br-lan'
option vlan '20'
list ports 'lan0:u*'
list ports 'lan1:u*'
list ports 'lan2:u*'
list ports 'lan3:u*'
config bridge-vlan
option device 'br-lan'
option vlan '21'
list ports 'lan0:t'
Now, edit the lan network interface to use br-lan.20:
config interface 'lan'
option device 'br-lan.20'
option proto 'static'
option ipaddr '192.168.20.201'
option netmask '255.255.255.0'
option gateway '192.168.20.1'
list dns '192.168.20.1'
Finally, add the guest network interface:
config interface 'guest'
option device 'br-lan.21'
option proto 'none'
Now, you can add a new SSID and tie it against the network guest and you should be good.
The upstream network must have VLAN21 configured properly and it must be tagged on the switch port that connects to the AP.
Ok so you want me to add that in conjunction with the current info in /etc/config/network? Or am I replacing something in the current config with your config? Just wanted to make sure I have it right.
You sir, are a scholar and a gentlemen. That worked! Thank you so much for that. I tried everything based on that article I referenced. However I didn't leave the original config in there, so that may have been the issue. Stoked to get this working. Thanks again for your help and insight, it is much appreciated
@psherman apologies but I have more thing I need help on with this device....I am trying to do a MAC-based VLAN.
So the setup is the same but here is the updated version since you were able to help me:
Arris Modem —> (WAN) pfSense SG2100 (LAN port 2) —> (port 20, VLAN20 untagged) Netgear GS728TPv2 (port 19, VLAN20 untagged, VLAN21 tagged, VLAN1 tagged) —> (lan0, VLAN20 untagged, VLAN21 tagged, VLAN1 tagged) TP-Link EAP615-WALLv1 (being used as an AP only).
I want to be able to pass my laptop thru to VLAN1 (my LAN) via a MAC-based VLAN. I have already added my laptops MAC address to the switch and told it to pass it thru to VLAN1. I added another device and interface too the AP via the way you showed me above and assigned that VLAN to the wifi.
When I tested it, my laptop was able to connect and it did get an address from VLAN1, however it took almost 5 minutes for it to get the address from the firewall. this also happened when I added my Apple TV's MAC address....it took only a couple minutes tho. As another test, I added my cell phone's wifi MAC address to the switch and tested and it received an IP from VLAN1 almost immediately.
Would you have any idea as to why my cell phone got an IP from the LAN almost immediately, whereas my laptop and Apple TV took much longer to get one?
I honestly don't know... I've never setup MAC based VLANs. Maybe a new thread for this question would make sense -- this way the title of the thread will draw in the right people to help.
