Unifi 6 Lite - Default network works, VLANs without Internet access

475buhkH · September 13, 2021, 10:35pm

cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option packet_steering '1'
        option ula_prefix 'fdd7:10ef:5246::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan'
        option ipv6 '0'

config interface 'lan'
        option device 'br-lan'
        option proto 'dhcp'

config interface 'guest'
        option proto 'dhcp'
        option device 'eth0.2'

config interface 'IoT'
        option proto 'dhcp'
        option device 'br-lan.3'

config device
        option type '8021q'
        option ifname 'br-lan'
        option vid '2'
        option name 'br-lan.2'
        option ipv6 '0'

config device
        option type '8021q'
        option ifname 'br-lan'
        option vid '3'
        option name 'br-lan.3'
        option ipv6 '0'

config device
        option name 'wlan1-1'
        option ipv6 '0'

config device
        option name 'wlan1'
        option ipv6 '0'

config device
        option name 'eth0'
        option ipv6 '0'

config device
        option name 'lan'
        option ipv6 '0'

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '2'
        option name 'eth0.2'
        option ipv6 '0'

psherman · September 13, 2021, 10:38pm

I don't think it'll matter, but remove the br-lan.2 definitions just in case they are causing a conflict.

475buhkH · September 13, 2021, 10:42pm

No change, unfortunately.

psherman · September 13, 2021, 10:43pm

I don't really know why your original config wasn't working, and not sure what to do... I'll keep thinking about it, but hopefully someone else will know.

475buhkH · September 13, 2021, 10:46pm

Thanks, appreciate all the help

475buhkH · September 13, 2021, 10:52pm

Not sure if it matters, but thought I'd add: the router is a Ubiquiti EdgeRouter 4.

psherman · September 13, 2021, 10:54pm

It shouldn't matter, as long as it is properly configured (and it sounds like it is, based on the rest of your network functionality). I am familiar with EdgeOS, too, but I don't really think we need to dig into that side of the equation since we know your other AP is working (I assume that is running the standard Unifi firmware).

475buhkH · September 13, 2021, 10:55pm

Indeed, the other/older AP is running the standard UniFi firmware. Settings are effectively the same, VIDs set up and no DHCP.

psherman · September 13, 2021, 10:57pm

Just for grins, what managed switch(es) are you using? There have been problems with Unifi and DHCP when used with non-unifi routers (i.e. EdgeRouters or other ones entirely) -- mostly in the realm of the APs, but sometimes the switches have been implicated.

475buhkH · September 13, 2021, 11:02pm

I do have an EdgeSwitch, but both of the APs are entering the EdgeRouter via an unmanaged TP-Link switch. At first I thought that would be an issue, but the original AP is working fine so I don't think that's it?

psherman · September 13, 2021, 11:03pm

I'd eliminate all unmanaged switches. It probably isn't the issue, but there are many reasons why tagged networks should never be sent through an unmanaged switch -- most importantly that the behavior is undefined.

475buhkH · September 13, 2021, 11:45pm

I plugged the OpenWrt AP directly into the router, and no change. Base (br-lan) network is working fine, both VLAN networks won't let any devices connect.

psherman · September 13, 2021, 11:47pm

Yeah, I didn't think that the unmanaged switch was actually causing issues in your network currently because you have your other AP working through that switch. But it is generally bad practice to use unmanaged switches with VLANs and some switches will cause major issues.

475buhkH · September 14, 2021, 2:04am

Update: after having reset the router 2x, the second time I set up the second VLAN interface first under 'Wireless'.

Now that wireless network is working (br-lan.2), and the wireless network for the default network (br-lan) is not.

psherman · September 14, 2021, 2:07am

That is bizarre behavior.

I can't help but think that it doesn't like doing VLANs on the bridge itself (as if the bridge is almost like an unmanaged switch), but I have zero proof to back that up, and my idea earlier to try to use eth0 based VLANs definitions didn't work. So I'm a bit at a loss here, but I'm really curious to know about the actual root-cause of the problem and the optimal solution.

475buhkH · September 14, 2021, 2:38am

Ignore. It's late and I accidentally assigned the wifi network to br-lan instead of br-lan.2.

Sorry for wasting your time.

psherman · September 14, 2021, 2:39am

I've done similar things... no worries. But please update this post as you learn more.

475buhkH · September 14, 2021, 5:32am

For yourself and all the other lost souls making their way through the Internet trying to set this up: made it work thanks to this topic Trouble configuring VLAN on Unifi 6 Lite WLAN AP.

Turns out all I had to do:

Install ip-all
Clean up the config (only leave br-lan definitions, loopback etc)
Add the following to /etc/config/network, reboot, let LuCI do its thing, assign SSID

config interface 'guest'
	option type 'bridge'
	option proto 'static'
	option ipaddr 'xxx.xxx.xxx.2'
	option netmask '255.255.255.0'
	option gateway 'xxx.xxx.xxx.1'
	option ifname 'lan.2'

Close to 3 full nights for a 20 second fix. Sounds about right

tmomas · September 14, 2021, 5:35am

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

system · September 24, 2021, 5:36am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.