03-04-2019 04:11 PM
Hello,
I recently bought a WAP125 AP for my home/business setup to segregate my wifi network to a secure, guest and eventually an IoT network using VLANs.
My current setup is as follows. One cable from my pfSense box, igb2 port to port one on the TP-Link TL-SF105E switch then port 2 from switch to the wap125 AP.
I have both VLAN interfaces setup on pfSense VL10_wifi (192.168.10.0/24) and VL20_guest (192.168.20.0/24) with DHCP Servers setup for both VLAN interfaces, all open rule for both interfaces
Switch is setup as:
VLAN ID 10 has port 1 tagged and port 2 untagged. PVID has port 1 set to id 10 and port 2 set to id 10
VLAN ID 20 has port 1 tagged and port 2 tagged.
AP WAP125 setup:
IPv4 static config: 192.168.10.2, gateway 192.168.10.1, DNS 192.168.10.1
Radio 1: VLAN ID 1, SSID1
VLAN ID 20, SSID1_Guest
Radio 2: VLAN ID 1, SSID2
VLAN ID 20, SSID2_Guest
On VLAN 10 I have no issues to access the internet. All devices receive an IP address from the DHCP server on the pfSense box. For VLAN 20, I’m unable to access the internet however the devices do get an IP address.
Is the problem caused by the tagged/untaged of radio 1 and 2 VLAN 20? Any help would be much appreciated.
Thanks,
Solved! Go to Solution.
03-05-2019 12:04 AM
Hi,
First, please check whether you are able to get the Internet access once you directly connect a PC/Laptop on pfSense VL20_guest (192.168.20.0/24) interface. In case that is working fine and you are not able to access the Internet upon connecting a Laptop on the VLAN 20 (DHCP Enabled) in TP-Link Switch then please verify whether the necessary route has been added on the pfsense and the TP-Link Switch (default route) to provide the Internet access. And in case the Internet is working fine on both the VLANs individually on the Switch but not on the VLAN20 SSID then you need to cross-verify the VLAN tagging on the AP connected port, you may change the tagging and check.
Note: As you have mentioned that you are able to configure VLAN tagging on the Switch port so it will be a manageable Switch where you can add the IP address / route detail.
03-04-2019 04:40 PM
03-04-2019 07:06 PM
03-05-2019 12:04 AM
Hi,
First, please check whether you are able to get the Internet access once you directly connect a PC/Laptop on pfSense VL20_guest (192.168.20.0/24) interface. In case that is working fine and you are not able to access the Internet upon connecting a Laptop on the VLAN 20 (DHCP Enabled) in TP-Link Switch then please verify whether the necessary route has been added on the pfsense and the TP-Link Switch (default route) to provide the Internet access. And in case the Internet is working fine on both the VLANs individually on the Switch but not on the VLAN20 SSID then you need to cross-verify the VLAN tagging on the AP connected port, you may change the tagging and check.
Note: As you have mentioned that you are able to configure VLAN tagging on the Switch port so it will be a manageable Switch where you can add the IP address / route detail.
03-06-2019 04:43 AM
03-06-2019 04:51 AM
Hello and thank you for all your replies.
It turns out it was a rule issue with the vlan 10 interface. I'm now able to access the internet on both interfaces however I'm still testing to make sure.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide