NAT acceleration in AP mode?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.


Occasional Visitor
Sorry for opening 2 threads in a short time but this is not related to my other post.

I have an AC66U with Johns Fork running in AP mode. When setting up multissid with vlan tagging (the tags then are send to my opnsense which is doing the rest) I had a big issue. When first connecting to any of the SSIDs, everything worked. I get IPs from my opnsense DHCP for the correct VLANs IP range and everything is correct. When I then connect the same or any otehr device to another SSID/VLAN, it also gets the correct IP from DHCP. But the traffic was tagged with the wrong vlan, so my firewall blocked all traffic because someone from VLAN x but with IP from VLAN y tried to send data. After a lot of testing it looked like, after each reboot, the first "used" vlan wins and all other traffic gets the same vlan tag.

Whe I tried to find out whats going on there and if the config error is on my AC66U or the opnsense, I've enabled traffic monitoring on the AC66U. Suddenly, the issue was gone.

I don't know much about networking so I hope someone could help me understand whats going on there. My rough idea is: traffic monitoring disables hardware acceleration, with hardware acceleration, maybe it"optimizes" packets so that it only looks in the first packet and then just appending the same vlan tag for all future packets.

  • Could my theory be true?
  • What is NAT acceleration doing on AP mode, since there is no NAT?
  • Is it possible to disable it via nvram settings instead of enabling unneeded features?


Part of the Furniture
As you said, in the normal AP mode there is no routing happening so hardware acceleration shouldn't have any effect. However, I suppose it's possible that your messing around with the interfaces has confused it in some way.

To disable CTF use the following commands:
nvram set ctf_disable_force=1
nvram commit
EDIT: Looks like you're repeating the same process discussed in this thread:
Last edited:


Occasional Visitor
Thanks, I'll put that in my script so I can stop the traffic monitoring. Yea it seems to be somehow related to the issue in your linked post.

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!