OzarkEdge
Part of the Furniture
Sure seems like it's effectively all the same stuff but with the same ongoing mess of different marketing.
OE
Sure seems like it's effectively all the same stuff but with the same ongoing mess of different marketing.
OE
Tech9
Part of the Furniture
Not really. Routers with Smart Home Master don't have user configurable VLAN options. It's sort of stripped down Guest Network Pro.
Exactly. Simply put, you can connect mesh nodes, but there are limitations on WiFi bands per interface and VLAN propagation to the nodes Ethernet ports.
I did some more testing and have some good news... well, good for me at least...
To recap, I originally wanted all IoT devices (Alexa, cameras, smart switches, Govee, etc.) to be on their own guest network VLAN but could never get it working with my current hardware. In the end, I was able to solve the issue and separate traffic from those devices and my local computers by creating some firewall rules on my pfSense firewall.
But I still wanted to have basic guest network functionality when friends and family do come over (because apparently Verizon's signal is crap in my house and they want to use my WiFi -- I'm personally on T-Mobile).
This especially hit me hard this past weekend because we had some neighbors over and I was forced to connect them to my main SSID due to lack of a Guest Network. They were on iPhones and somehow they managed to figure out my SSID's password (which I've since changed)!!! I'm not an iPhone user, so I have no idea how they figured it out.
Anyway, my "a-ha" moment earlier today was to simply enable Guest Network Pro on only my main RT-AX86 Pro router in my office, which is directly above the family room where my guests tend to hang out.
This is what I did...
- Enable the unused Ethernet interface on my pfSense firewall (named OPT2) with a static IP of 192.168.3.1.
- Create a new VLAN52 interface in pfSense and assign it to the OPT2 interface with an IP range of 192.168.52.1/24.
- Create a new DHCP server on the VLAN52 interface with a range of 192.168.52.101 to 192.168.52.199.
- Connect a short Ethernet cable from the OPT2 port on the pfSense to LAN Port 4 on the RT-AX86U Pro.
- On the Asus GUI, create a new Guest Network on VLAN 52, but ONLY for the RT-AX86U Pro itself (since my other two nodes don't support VLANs).
- Create a firewall rule on the pfSense VLAN52 interface to allow traffic from any IP on the subnet to the local gateway 192.168.52.1.
- Create another firewall rule on the pfSense VLAN52 interface to allow traffic from any IP to any IP except local private networks (192.168.0.0/16).
Using my phone, I was able to connect to the new guest network running solely on the RT-AX86U Pro, get an IP of 192.168.52.101, and reach the internet.
I then went downstairs and checked signal strength and latency:
Looks good to me!
Then I ran a speedtest:
So in conclusion, this will work for me. My IoT devices can't mess with my main network and I have guest network functionality, albeit on just my main router -- AND I didn't have to spend any money (I'm retired, so I'm on a limited income).
If you got this far, then cheers!
- Dave
Seth Harman
Regular Contributor
The RT-BE58U is advertised as having "Smart Home Master" and not VLAN support, but as an AiMesh node in my network which has a Pro router as the main router it does support WiFi VLAN properly, i.e. clients connecting to an RT-BE58U node using my IoT VLAN SSID are being assigned an IP from the IoT VLAN block. Asus has screwed up the marketing so badly for GNP and SHM even they're confused about what is compatible and what isn't.
Tech9
Part of the Furniture
I have no idea what that means but I guess that’s the point … sounds fabulous on the marketing material… but WTF does it all mean …Be happy. The "AI-boosted Smart AiMesh technology" figured it out for you.
Tech9
Part of the Furniture
This is what Asus says about RT-BE58U:
RT-BE58U|WiFi 7|ASUS Canada
Dual band WiFi 7 router with speeds of up to 7200 Mbps. Dual 10G ports, Quad 2.5G ports and Quad Gigabit ports. Quad-core 2.6GHz CPU. Backup WAN, Subscription-free network security and comprehensive
www.asus.com
The most important - "Engineered for Always-On Connection" and for "enhanced AI networking". This means if your old routers disconnect from time to time and play dumb - it's perfectly normal and expected. You need to upgrade to Smart routers.
That pretty much describes me, so we’re well suited. Sorted.
visortgw
Part of the Furniture
@Seth Harman: So... I just need to throw out a caution flag with respect to the TP-Link TL-SG108E switch that you recommended. I am not positive that it was causing issues, but please read on...
I added one to my network as part of my effort to move ALL IoT devices (wireless AND wireless) to a dedicated IoT VLAN. After configuring the switch, all the connected devices functioned correctly on the new VLAN. A couple of weeks ago, I began noticing significant packet loss (at times 50+ percent using simple
ping command from primary router to AiMesh nodes!!!) between my primary router and my AiMesh nodes. I initially discovered some "wonkiness" in the connection between primary router and AiMesh nodes using the mn. command (AiMesh Node(s) Info) within the MerlinAU add-on, which would randomly return one or more of the AiMesh nodes as unreachable (Thank you @ExtremeFiretop for your assistance in debugging!). Because of multiple "happenings" (vacation, ER visit/hospital admission, life in general, ...), I never was able to completely troubleshoot the packet loss issue until a couple of days ago. Since the issue was not localized to a single AiMesh node, I first replaced Ethernet patch cables common to all AiMesh nodes (e.g., (1) primary router to patch panel and (2) patch panel to TP-Link TL-SG3210XHP-M2 managed backbone switch) without resolution. Next, thinking back to recent network changes, I focused on the the TP-Link TL-SG108E switch as a possibility. To continue with the same segregation for wired IoT devices, I did the following:- reset the TL-SG108E to factory default (essentially changing it to an unmanaged switch);
- configured an unused port on my primary router (GT-BE98 Pro) to Access Mode for the IoT VLAN; and
- moved the TL-SG108E to that previously unused port on my primary router; and
- rebooted entire network (primary router and all AiMesh nodes only) via AiMesh >> System Settings >> System Reboot in primary router web UI.
Seth Harman
Regular Contributor
No idea what to tell you, I've got two of them and have experienced no such issues.
visortgw
Part of the Furniture
What firmware versions are you running on router and nodes?
Seth Harman
Regular Contributor
Nodes: Current Version : 3.0.0.6.102_37073-g3124d2d_968-gc6148_BB0B
Switches: 1.0.0 Build 20230218 Rel.50633
visortgw
Part of the Furniture
Similarities and Differences:
- the exact same firmware on my switch;
- Merlin 3006.102.5_beta1 on the primary router AND nodes;
- my primary router is WiFi 7 vs your WiFi 6.
Seth Harman
Regular Contributor
It's possible you got a bad switch, it happens. The only other thing to test would be to revert a node to stock firmware and see if it solves the problem for it.
Similar threads
Similar threads
Similar threads
-
Does Asuswrt-Merlin support Kill-Switch and Auto-Reconnect etc ?
- Started by alphaswe
- Replies: 0
-
Guest Network Pro on RT-AX88U Pro IoT VLAN Setup with TP-Link TL-SG1008 Unmanaged Switch
- Started by jksmurf
- Replies: 8
-
-
-
-
Going from Home to Small business (NAS+CCTV) - AiMesh and possible managed switch
- Started by keyboard99
- Replies: 8
-
Two DNS requests to amazonaws every 30 seconds since installing AIMesh
- Started by Qwinn
- Replies: 56
-
2.4GHz not being distributed on AIMesh node w 10GbE backhaul
- Started by chA
- Replies: 8
-
-
AiMesh randomly disconnecting - "MISC: wifi upstream is connected, and disconnected from CAP."
- Started by bibikalka
- Replies: 19