Hello everyone.
At my home I have two TUF-AX3000v2 models.
I want them to connect as wireless bridge (no fancy CAT cabling here), and for both to also work as Access Points, offering the main network (VLAN 1) and the guest network (2.4Ghz) with VLAN 501.
Because I have a proper L7 firewall, I want to only use these as Access Points. ASUS is making this difficult because the VLAN support is inexplicably disabled when in AP mode, rendering the guest mode useless. Asus website and "documentation" is just abysmal.
Running these in AiMesh Router mode lets me use the 501 VLAN, but the guest network DHCP cannot be disabled, and it is hardcoded to dish out 192.168.103.x addresses with the main router as the gateway and DNS.
I flashed both to latest FreshTomato v2026_1 which allows using custom dnsmasq and startup scripts to kill the DHCP functionality. Now, the primary router works perfectly, but...
...the secondary AiMesh node seems to work well and broadcasts the main and guest network SSIDs but connecting to the guest network connects to the main VLAN 1 for some mysterious reason.
Yes, "Guest network on AiMesh" is set to "All Aimesh Node(s)".
ip -d link show | grep 501 on the main AiMesh router shows lots of VLAN information on interfaces but same command comes up with nothing on the secondary node.
Rebooting either unit has not helped. The guest network was created after these two were AiMesh paired.
Is the above scenario something that should be doable with either FreshTomato or some other firmware such as asuswrt-merlin.ng using these two wireless units? Should I just hard reset both and try again once more? Ideas?
At my home I have two TUF-AX3000v2 models.
I want them to connect as wireless bridge (no fancy CAT cabling here), and for both to also work as Access Points, offering the main network (VLAN 1) and the guest network (2.4Ghz) with VLAN 501.
Because I have a proper L7 firewall, I want to only use these as Access Points. ASUS is making this difficult because the VLAN support is inexplicably disabled when in AP mode, rendering the guest mode useless. Asus website and "documentation" is just abysmal.
Running these in AiMesh Router mode lets me use the 501 VLAN, but the guest network DHCP cannot be disabled, and it is hardcoded to dish out 192.168.103.x addresses with the main router as the gateway and DNS.
I flashed both to latest FreshTomato v2026_1 which allows using custom dnsmasq and startup scripts to kill the DHCP functionality. Now, the primary router works perfectly, but...
...the secondary AiMesh node seems to work well and broadcasts the main and guest network SSIDs but connecting to the guest network connects to the main VLAN 1 for some mysterious reason.
Yes, "Guest network on AiMesh" is set to "All Aimesh Node(s)".
ip -d link show | grep 501 on the main AiMesh router shows lots of VLAN information on interfaces but same command comes up with nothing on the secondary node.
Rebooting either unit has not helped. The guest network was created after these two were AiMesh paired.
Is the above scenario something that should be doable with either FreshTomato or some other firmware such as asuswrt-merlin.ng using these two wireless units? Should I just hard reset both and try again once more? Ideas?
