AImesh first timer and couple of quick ac router questions

[yodamin]

HI,

I purchased an AC5300 last year - just for the wifi - I run pfsense as my main router/firewall. I connect the Ac5300 to the PFSense router on a LAN port of the AC5300 - I don't use the WAN port because it introduces double Nat and I don't want to deal with that.

There does not seem to be a way to completely disable the WAN port like there is in DDWRT. Can anyone make any suggestions or have any ideas on how I can do this?
The router is definitely connected to the internet (my whole house uses WIFI except me and if it wasn't connected DADDY would be in trouble yet when I do a firmware upgrade check it fails and asks me to connect the outer to the internet; meaning it is specifically attempting to use the WAN port instead of the normal route tables that all other clients are using. Is this silly piece of function hard coded or can I change that somehow so the firmware check button wil take the same route as all the other clients. Maybe disabling the WAN port would make this button work as expected?

Finally, I purchased another AC5300 and it arrived today. I set it up as a mesh node and the main router says it is using the WIFI-02 as the dedicated wireless back-haul or WIFI_dwb as it is so named. After setup I unplugged the node and placed it approx. halfway between the dead-zone and the existing WIFI router as described in the setup process and turned it on.

I then walked around with my cell phone and WIFI analyzer running - it cannot detect the wifi node at all even though it has been turned on for more than an hour now and the router shows it is using the back haul WIFI2 - the node does not show up in the network map under AIMESH nodes - it still says 0 nodes - how long will it take for the 0 to turn to a 1?

Would there be anything else you guys can advise me on how to manage this mesh network. I am no stranger to networking but, this is my first mesh network.

Thank You all ahead of time.

 

[yodamin]

Oh yeah, I also notice the AC5300 router says it has never sync'd the time with the timer server. Again, this is my PFSense router and all the clients sync with it just fine except the AC5300. Sigh...this is why i usually stay way from residential stuff. The one time I tried plugged the LAN cable int the WAN port of the AC5300 no client can get a DHCP from the PFsense router - if I could arrange for a DCHP/DNS/and everything else pass - through while connected to the WAN port this wouldn't be an issue but, residential stuff....does any ASUS reps ever browse these forums or should I go submit feature request list to ASUS? Had I know the first router wouldn't cover my whole house (it says 5400sq ft coverage on the box, I have a 4200 Sq FT home...) I would have bought an Aruba, Cisco or Ubiquiti -ugh my last choice for sure - kit to do my home WIFI. But Approx $400 vs 2K is aweful tempting for me, and know I got 2x AC5300 so $800.00. Still better than 2-4K though for the commercial units. However, if I can't get it to work for me, then the 2K would be worth it and I'll sell these to "things" and go out and get eh 2K units. I just WANT to make these work is all. I got a hard head and keep thinking, "there MUST be a way!"

 

[Tucu]

AiMesh likes to play the role of router. For your use case just disable it and configure the two AC5300 as APs; preferable wired to your switch via a LAN port. If you need a wireless backhaul, configure one of the 5Ghz radios as a bridge.
As a side note: if you are going wired, having two AC5300s is overkill. Cheaper and smaller dual radio 3x3 (or even 2x2) routers/APs would do the job.

 

[yodamin]

@Tucu - TY for your comments I appreciated the time anyone takes to help me out. IN my case 2x AC5300 are not overkill. I serve wifi to my 4000sq ft 3 story home with these two devices. I have a good signal at the end of my 50 foot driveway and at the farthest point of my "175 foot away from from the house" back yard. It is a fairly old house and has a center core that started out as a 1000 sq ft home in the 1950's and had the rest built around it over time. So, there is a LOT of interference due to old cement walls, old chimney stacks that were never removed just walled around (2x4 studded walls put up around these existing structures to cover them and support the newer house being built around it) and old electrical/plumbing/duct work in the center core of the house. Without the interference I am sure 1x AC5300 would be enough but in order to get full coverage I have both on the top floor of the house (which is all new, has less walls and less interference than the basement and ground floors) and one in each corner. I put one in the center of the house to being with and the outer fringes of the house got a very weak signal. I discovered this buy buying one and using it for a few months to test. With one of these I get about halfway to the end of my backyard and the wifi signal drops. I get almost to the end of my driveway and no signal. With two I get almost full bars at the edges of my property (four out of five bars on my android phone) and full bars literally every where inside my house.

The interference is so bad that my mother in laws devices connect to different routers Even though the devices are fairly close to each other about 25 feet apart in the same bedroom.
SO my office is next to her bedroom.
In my office I have a router.
In my bedroom which is approx. 40 feet away on the other side of the house I have the mesh node.
The routers are connected via wifi back haul.
My mother in laws bedroom walls connect to both my office and my bedroom.
My mother in law's bedroom is roughly 20 feet by 30feet sq.
The wall in her bedroom, that connects to my office, is very close to where she has her TV and laptop.
The wall in her bedroom that's farthest way from my office is where she has her google home device.
The TV and Laptop connect to my AP router in my office.
The google home device connects to the mesh node in my bedroom - interference is THAT bad between rooms in this house.
The two routes are situated where they are because there is a fairly large landing and hallway with no walls on a line of site between my office and my bedroom. (one office wall - nothing inside it except air and one bedroom wall with nothing inside it except air). Enables the WIFI back haul to maintain a "Great" connection while providing service to all areas of my house and property.

You would really have to see it for the explanation to be truly understood but trust me I used to install AP's in fairly large retail stores and business's and am familiar with locations for AP's that work best.


OK for anyone who comes here in the future:

PFsense is my main router/firewall with 4 nic ports
#1 to ISP modem
#2 to internal home network/wifi
#3 to isolated work network/wifi
#4 unused
original router = AP Router
second router = mesh node

I switched the original router to AP mode instead of router.
This turned my WAN port into another switch port (bonus).
I then upgraded the firmware on the AP router and once done the mesh node router was showing in the network map and I could access it via the AP router.
SO when I look at the network map I see AiMesh Node: 1 now instead of 0.

Then I immediately upgraded the mesh node firmware to the same version as the AP router as is suggested by Asus and a few other websites I used to research.
You can update the firmware of the mesh node from the UI of the AP router. (side menu = administration->click firmware tab.)
You can access the mesh node config. from the AP router by clicking AiMesh on the side menu then click on the name you set for your mesh node when configuring it. Then on the right, click on the "management" menu.

On pfsense I statically map all devices in my home. The devices are all mapped outside of my DHCP scope as required.
For example, if my DHCP scope is 100-200 all devices that are statically mapped would need to be mapped to IP address lower than 100 and higher than 200. So, 1-99 and 201-254.
I do this so that when I check logs or currently connected devices or I suspect hacker activity I can easily identify "is it a device native to the house" or a "visiting" device of a friend, visiting family member or an intrusion/hacker of some sort. All "visiting" devices get an IP between 100 and 200.

I got the time sync working by adding the AP Router and mesh node mac/IP and host name's to my mapped DHCP devices in the PFSense firewall. I do not know why I HAD to do this to get it to work as my friends and visiting family's devices all seem to have no trouble syncing even though they are not statically mapped within my DHCP server, could be a Asus thing? or a pfsense thing? Who knows - but it is what it is.