Switch capabilities of AIMesh Nodes?

[TD99]

You've got a few things configured differently on the managed switch than how I have it (I have the same switch and with my setup it's working perfectly) that have me wondering if that's your problem. Since you're only using ports 2 and 3 for VLAN tagging do the following: On your 802.1Q VLAN settings for VLAN ID 52 set 1-3 as your member ports, 1 as your tagged port, and 2-3 as your untagged ports. Then on your 802.1Q PVID settings just set 2 and 3 to 52.

This is what is detailed in the TP-Link community forum reference.

Yeah, I tried that before.
I just tried it again and this is what I get:

 

[Seth Harman]

Yeah, I tried that before.
I just tried it again and this is what I get:

View attachment 66234
View attachment 66235
View attachment 66237

View attachment 66238

I think this is pretty solid evidence that backhauls have to be on VLAN ID 1 or they fail so, unfortunately, this may not be solvable which is a bummer.

Specifically, it's likely not going to be solvable with your current hardware. It MIGHT be solvable if you had a managed switch that can do MAC-based VLAN tagging but we're talking serious money for those.

 

[jksmurf]

I think this is pretty solid evidence that backhauls have to be on VLAN ID 1 or they fail so, unfortunately, this may not be solvable which is a bummer.

I am pretty sure (... someone will probably tell me different issue in a minute ...) this is (in a roundabout way) what I concluded back in posts 26 and 28. I noted " I kept losing access to the Switch and to the Mesh Node."

I also said "... had a heck of a time keeping the Node connected just as a mesh,.." which is what I believe @TD99 is seeing.

[EDIT]. Appreciate my trials referred to above were Ethernet-based.

@TD99 has routers on 3004.386 firmware. @jksmurf has routers on 3004.388 firmware.

wrt Wifi, wondering if this might actually have a bearing on it. As per my original response to @TD99 issue, my subnets are getting assigned just fine; for wifi clients on the nodes.

 

[Seth Harman]

Tech9 said:
@TD99 has routers on 3004.386 firmware. @jksmurf has routers on 3004.388 firmware.

wrt Wifi, wondering if this might actually have a bearing on it. As per my original response to @TD99 issue, my subnets are getting assigned just fine; for wifi clients on the nodes.

I'd agree that specific firmware revision is probably the culprit.

 

[visortgw]

I'd agree that specific firmware revision is probably the culprit.

Or, it could be due to the fact that the "primary router" is in AP mode — uncharted territory...

 

[jksmurf]

Or, it could be due to the fact that the "primary router" is in AP mode — uncharted territory...

True... maybe we can ask him to try it in Router mode to test the theory

 

[Seth Harman]

True... maybe we can ask him to try it in Router mode to test the theory

Nah, just check Asus' excellent documentation for the answer You know jokes aside, I'm assuming he disabled DHCP on the main router since he's got pfsense doing it so maybe that also turns off the GNP DHCP server(s)/disables the VLANs. Maybe enable DHCP on the main router and disable that functionality on pfsense and see what happens?

 

[TD99]

Maybe enable DHCP on the main router and disable that functionality on pfsense and see what happens?

Going to try that right now...

 

[TD99]

Put the RT-AX86U Pro into Router mode. Same results.
Wireless devices connecting to node get a regular 192.168.10.XXX address instead of 192.168.52.XXX.

My Workout Room node:

Wireless devices that connect to the main RT-AX86U Pro router, get a .52 address just fine:

TP-Link TL-SG108E switch settings:

If I set PVID on Port 2 and Port 3 to VLAN 52, they become disconnected from AiMesh.

Under Port Statistics, I see a lot of bad Rx packets:

I think I am chasing my tail at this point and probably need to stop using Guest Networks/VLAN altogether in my particular configuration/scenario.

 

[jksmurf]

Put the RT-AX86U Pro into Router mode. Same results.
Wireless devices connecting to node get a regular 192.168.10.XXX address instead of 192.168.52.XXX.

My Workout Room node:

Wireless devices that connect to the main RT-AX86U Pro router, get a .52 address just fine:

TP-Link TL-SG108E switch settings:

If I set PVID on Port 2 and Port 3 to VLAN 52, they become disconnected from AiMesh.

Under Port Statistics, I see a lot of bad Rx packets:

I think I am chasing my tail at this point and probably need to stop using Guest Networks/VLAN altogether in my particular configuration/scenario.

Up to you and I understand the frustration.

If you do decide to chase it down, do you happen to have a picture of the AIMesh settings and some of the DHCP settings of the VLANs in the GNP setup GUI (i.e. not using pfsense, to take that out of the equation)?

 

[TD99]

Up to you and I understand the frustration.

If you do decide to chase it down, do you happen to have a picture of the AIMesh settings and some of the DHCP settings of the VLANs in the GNP setup GUI (i.e. not using pfsense, to take that out of the equation)?

I have everything on a single SSID now (sucks, I know), but AiMesh is now working fine and all clients are connected with their proper DHCP addresses. Back to using my unmanaged NETGEAR GS108 switch that a Frontier tech gave me for free.

Family is already on my back about the wi-fi bouncing so many times, and I can't spend any more time on this project at this time.

Maybe someday Asus will release a firmware update to allow the older routers to play nicely with VLANs -- assuming the internal hardware can handle it.

Will stay subscribed to this thread to watch any possible further developments...

I truly appreciate all the help and input everyone has given!!!

 

[Seth Harman]

I have everything on a single SSID now (sucks, I know), but AiMesh is now working fine and all clients are connected with their proper DHCP addresses. Back to using my unmanaged NETGEAR GS108 switch that a Frontier tech gave me for free.

If GNP/VLANs aren't an option you could revert to non-3006 firmware and install YazFi until such time as you upgrade your AiMesh nodes.

 

[TD99]

If GNP/VLANs aren't an option you could revert to non-3006 firmware and install YazFi until such time as you upgrade your AiMesh nodes.

I was thinking, since all network traffic routes through my pfSense firewall, I set up some rules so that any wireless device (192.168.2.XXX) can only access the main Asus RT-AX86U Pro router (192.168.2.2, running in AP Mode), the physical ethernet interface port on the pfSense (192.168.2.1) and out to the internet. Any attempt to communicate on any other local private address (192.168.0.0/16) will be blocked.

So far, this seems to be working for me.

 

[Tech9]

If GNP/VLANs aren't an option you could revert to non-3006 firmware and install YazFi

The end result will be the same - main router only.

 

[bennor]

If GNP/VLANs aren't an option you could revert to non-3006 firmware and install YazFi until such time as you upgrade your AiMesh nodes.

Note that YazFi is main router ONLY. It doesn't work on AiMesh nodes. Per the original developer:

YazFi doesn't work on Aimesh nodes. The guest network on the node will be unrestricted