Hi BB,

Yes, its Internet-->Synology Router-->SG300-->Synology AP.   I have all ports Trunked and Admit All.  All ports are untagged under default VLAN 1.  I have two ports tagged under VLAN 1733 (Router & AP). 

Membership shows all ports as 1UP.  Two ports have 1733T.  It will not allow more than one untagged port in Trunk mode. 

I will review and see if I am missing anything.  Maybe change two General mode?

Hi BB,

I untagged both the router and AP port and changed the PVID to 1733.  All clients loose internet connection (primary and guest network).  Every attempt to change the PVID from the default VLAN 1 to 1733 on either port makes this happen.  Once I moved the ports back to PVID VLAN 1, access to the internet resumes. However, the guest network off the AP still does not work. 

Suggestions?

I also had the same issue as the OP. I have a mix of Cisco switches (SG300, SG200, Catalyst 2960-L), Zyxel, and Netgear switches (all managed). I wanted to solve the issue of the Guest WiFi not working on my Synology APs (MR2200ac), which aren't connected directly to the RT2600ac but go through other switches (I had no trouble accessing the Guest WiFi from the RT2600ac). I was also interested in using VLAN 1733 for a couple of switch ports.

So, I changed all trunks between my switches and between the switches and all Synology devices) to allow VLAN 1733 (in addition to also allowing other VLANs, including the default VLAN 1). Note that I defined the ports that all Synology devices are connected to as trunk ports and not access ports.

Lo and behold, I was able to access the Synology's Guest WiFi from the MR2200ac. However, after a couple of hours, I could no longer access the Guest WiFi from the MR2200ac.  I suspect that there's something funky going on with how Synology uses STP. So, I only turned off RSTP or the ports that the Synology devices are connected to. Then, Guest Wi-Fi started working again with the MR2200ac. However, a couple of hours later, it stopped working on the MR2200ac. I am not sure how to resolve this. I did not want to turn off RSTP altogether in my switches, since I rely on RSTP for link redundancy.

So, Guest WiFi on the MR2200ac, when going through switches that use STP, seem unstable. I got it working twice (with and without turning off RSTP on the individual ports that the Synology devices are connected to), but somehow, after things work, then when I try to login to the Guest Wifi on an MR2200ac again later, I can't get an IP address. 

Below are some references that you might find useful:

https://community.synology.com/enu/forum/2/post/127186?page=1&reply=432669

How_do_I_set_up_Wi_Fi_system_with_managed_switch

Please post if you find a resolution.

Thanks Randman,

I am familiar with both links.  The Cisco link was my go-by and it never worked.  I think the 2600 cannot understand VLAN tags. I had my router and WP port as VLAN 1UP and VLAN 1733T.  Guess network from the WP would not work, but primary had no issue.  I tried in Trunk and General mode.  When I tried VLAN 1T and VLAN 1733UP, no one could get out. 

VLAN 1 is my current default. I will experiment and change it to 1733.  I will keep you posted.

Randman,

I changed the default VLAN to 1733.  It did not work the way I wanted. 

The only thing that work was to connect directly to the router and I checked off "Allow guest to connect with each other."  I have a wired house which helped.  Did not need to change RSTP settings.  Its been stable with the same speed as my primary network.  

Otherwise you could use the switch, but I had to allow guest to my LAN and they get an IP address from the primary DHCP.  I did not got this route for obvious reasons.  

Synology needs to allow SSIDs to be tied to VLANs just like Cisco's APs. 

JD