Hi,
I am in the process of rolling out VLANS for my home network. My network is
- RPi 4b as a router
- Managed Switch
- Three Access Points
-
- Unifi AP AC LR
-
- Two TP Link EAP-245
My VLAN IDs (numbers) are:
- LAN: 99
- GUEST: 3
- IOT: 4
- IOTExternal:5
I was able to setup the VLANs on the RPi, the managed switch and the Unifi AP with a bit of work. These were all DSA configurations.
I cannot get the VLAN's to work on the TPLINK EAP245. The VLAN configuration appears to be a combination of SWCONFIG and DSA. For example, I have the Network->Switch option to configure VLANs. But then there is no physical settings tab for configuring the interfaces. And I have the option of setting up Bridge VLAN Filtering under the device configuration options.
Here is my current Network configuration. I have added the VLANs via the Bridge VLAN Filters and created the interfaces.
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd39:18f0:a4ad::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0.1'
option stp '1'
config interface 'lan'
option device 'br-lan.99'
option proto 'static'
option ipaddr 'xxx'
option netmask '255.255.255.0'
option gateway 'xxx'
option broadcast 'xxx'
list dns 'xxx'
option ip6assign '60'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '2 5 0t'
config bridge-vlan
option device 'br-lan'
option vlan '3'
config bridge-vlan
option device 'br-lan'
option vlan '4'
config bridge-vlan
option device 'br-lan'
option vlan '5'
config bridge-vlan
option device 'br-lan'
option vlan '99'
list ports 'eth0.1:u*'
config interface 'GUEST'
option proto 'dhcp'
option device 'br-lan.3'
config interface 'IOT'
option proto 'dhcp'
option device 'br-lan.4'
config interface 'IOTExternal'
option proto 'dhcp'
option device 'br-lan.5'
I cannot get the access point to accept tagged packets.
It seems like the Switch Config is creating an eth0.1 VLAN that feeds into br-lan.
I think I may be creating nested VLANs and that's why it isn't working.
I've tried creating VLANs via the Network->Switch Configuration and then adding eth0.3, eth0.4, eth0.5, and eth0.99 to the br-lan interface and then creating Bridge VLAN Filters for br-lan.
This is the configuration on my switch. LAN2 is for the Access Point that doesn't work. I have it set to untagged for now. LAN6 is for the access point that does work. If I set LAN2 to all tagged, the VLAN's don't work on the EAP245 access point.
Thanks for the help.