What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Switch capabilities of AIMesh Nodes?

Tech9 said:
Not really. Routers with Smart Home Master don't have user configurable VLAN options. It's sort of stripped down Guest Network Pro.
Click to expand...
Exactly. Simply put, you can connect mesh nodes, but there are limitations on WiFi bands per interface and VLAN propagation to the nodes Ethernet ports.
 
Tech9 said:
Sound like a good plan to me. Let us know how it works in real life.
Click to expand...
Seth Harman said:
Guest Network Pro is currently functioning on my AiMesh setup and my nodes are RT-BE58Us and my main router is an RT-AX88U Pro. If they forgot to mention the RT-BE58U as compatible what other products, if any, did they forget in their list?
Click to expand...
Tech9 said:
For Guest Network Pro compatibility I would stick to the official list here:

RT-BE58U is in what Asus calls Smart Home Master products line category:
Click to expand...
I did some more testing and have some good news... well, good for me at least...

To recap, I originally wanted all IoT devices (Alexa, cameras, smart switches, Govee, etc.) to be on their own guest network VLAN but could never get it working with my current hardware. In the end, I was able to solve the issue and separate traffic from those devices and my local computers by creating some firewall rules on my pfSense firewall.

But I still wanted to have basic guest network functionality when friends and family do come over (because apparently Verizon's signal is crap in my house and they want to use my WiFi -- I'm personally on T-Mobile).

This especially hit me hard this past weekend because we had some neighbors over and I was forced to connect them to my main SSID due to lack of a Guest Network. They were on iPhones and somehow they managed to figure out my SSID's password (which I've since changed)!!! I'm not an iPhone user, so I have no idea how they figured it out.

Anyway, my "a-ha" moment earlier today was to simply enable Guest Network Pro on only my main RT-AX86 Pro router in my office, which is directly above the family room where my guests tend to hang out.

This is what I did...
  1. Enable the unused Ethernet interface on my pfSense firewall (named OPT2) with a static IP of 192.168.3.1.
  2. Create a new VLAN52 interface in pfSense and assign it to the OPT2 interface with an IP range of 192.168.52.1/24.
  3. Create a new DHCP server on the VLAN52 interface with a range of 192.168.52.101 to 192.168.52.199.
  4. Connect a short Ethernet cable from the OPT2 port on the pfSense to LAN Port 4 on the RT-AX86U Pro.
  5. On the Asus GUI, create a new Guest Network on VLAN 52, but ONLY for the RT-AX86U Pro itself (since my other two nodes don't support VLANs).
    1752625322065.jpeg
  6. Create a firewall rule on the pfSense VLAN52 interface to allow traffic from any IP on the subnet to the local gateway 192.168.52.1.
  7. Create another firewall rule on the pfSense VLAN52 interface to allow traffic from any IP to any IP except local private networks (192.168.0.0/16).
And that was all!

Using my phone, I was able to connect to the new guest network running solely on the RT-AX86U Pro, get an IP of 192.168.52.101, and reach the internet.
1752625607999.jpeg

I then went downstairs and checked signal strength and latency:
1752625773603.png
1752625781349.png

Looks good to me!

Then I ran a speedtest:
1752625793403.png


So in conclusion, this will work for me. My IoT devices can't mess with my main network and I have guest network functionality, albeit on just my main router -- AND I didn't have to spend any money (I'm retired, so I'm on a limited income).

If you got this far, then cheers!
- Dave
 
The RT-BE58U is advertised as having "Smart Home Master" and not VLAN support, but as an AiMesh node in my network which has a Pro router as the main router it does support WiFi VLAN properly, i.e. clients connecting to an RT-BE58U node using my IoT VLAN SSID are being assigned an IP from the IoT VLAN block. Asus has screwed up the marketing so badly for GNP and SHM even they're confused about what is compatible and what isn't.
 
Tech9 said:
Be happy. The "AI-boosted Smart AiMesh technology" figured it out for you. 🤗
Click to expand...
I have no idea what that means but I guess that’s the point … sounds fabulous on the marketing material… but WTF does it all mean … 😆
 
jksmurf said:
I have no idea what that means
Click to expand...

This is what Asus says about RT-BE58U:
www.asus.com

RT-BE58U|WiFi 7|ASUS Canada

Dual band WiFi 7 router with speeds of up to 7200 Mbps. Dual 10G ports, Quad 2.5G ports and Quad Gigabit ports. Quad-core 2.6GHz CPU. Backup WAN, Subscription-free network security and comprehensive
www.asus.com www.asus.com

The most important - "Engineered for Always-On Connection" and for "enhanced AI networking". This means if your old routers disconnect from time to time and play dumb - it's perfectly normal and expected. You need to upgrade to Smart routers.
 
Tech9 said:
disconnect from time to time and play dumb - it's perfectly normal and expected.
Click to expand...
That pretty much describes me, so we’re well suited. Sorted.
 
I have the same old Sometimes-On type network as you. Food is expensive lately, can’t afford AI driven Always-On network. 🤷‍♂️
 
Seth Harman said:
As we just saw earlier up in this thread at least some AiMesh nodes running 3004 aren't properly tagging wireless clients with GNP VLAN IDs so when wireless clients are connecting to a 3004 node they're getting tagged with VLAN ID 1 (or no tag at all) even when GNP is operating correctly on the main router:

I finally upgraded my RT-AX86U Pro (running in AP Mode) from 3.0.0.4_388_24199 to 3.0.0.6.102_34349. Of course doing that changed the way Guest Networks work -- now with VLAN functionality.
  • I have two AiMesh nodes: RT-AC86U on 3.0.0.4.386_51967 (latest) and RT-AC68U on 3.0.0.4.386_51733 (latest)..
  • All 3 were connected (Ethernet backhaul) via a Netgear unmanaged switch. So I just replaced it yesterday with a TP-Link TL-SG108E to get VLAN support.
  • My main WiFi network IP range is 192.168.2.X and my Guest Network (VLAN 52) is 192.168.52.X. All DHCP is handled by my pfSense firewall.
I've tried configuring the TP-Link switch many different ways based on this Asus FAQ and this one too. No luck.

Whenever a wireless IoT device (Amazon Echo, EZVIZ Camera, Kasa Smart Switch, etc.) connects to one of the Asus AiMesh nodes, it gets a 192.168.2.X IP address instead of a 192.168.52.X address. The only way I can force the devices to get the correct IP is to simply cut power to both my Asus nodes so everything connects to the main RT-AX86U router.

The managed switch can VLAN tag wired clients regardless of what firmware an AiMesh node is running, it's the wireless clients that are an issue.
Click to expand...
@Seth Harman: So... I just need to throw out a caution flag with respect to the TP-Link TL-SG108E switch that you recommended. I am not positive that it was causing issues, but please read on...

I added one to my network as part of my effort to move ALL IoT devices (wireless AND wireless) to a dedicated IoT VLAN. After configuring the switch, all the connected devices functioned correctly on the new VLAN. A couple of weeks ago, I began noticing significant packet loss (at times 50+ percent using simple ping command from primary router to AiMesh nodes!!!) between my primary router and my AiMesh nodes. I initially discovered some "wonkiness" in the connection between primary router and AiMesh nodes using the mn. command (AiMesh Node(s) Info) within the MerlinAU add-on, which would randomly return one or more of the AiMesh nodes as unreachable (Thank you @ExtremeFiretop for your assistance in debugging!). Because of multiple "happenings" (vacation, ER visit/hospital admission, life in general, ...), I never was able to completely troubleshoot the packet loss issue until a couple of days ago. Since the issue was not localized to a single AiMesh node, I first replaced Ethernet patch cables common to all AiMesh nodes (e.g., (1) primary router to patch panel and (2) patch panel to TP-Link TL-SG3210XHP-M2 managed backbone switch) without resolution. Next, thinking back to recent network changes, I focused on the the TP-Link TL-SG108E switch as a possibility. To continue with the same segregation for wired IoT devices, I did the following:
  1. reset the TL-SG108E to factory default (essentially changing it to an unmanaged switch);
  2. configured an unused port on my primary router (GT-BE98 Pro) to Access Mode for the IoT VLAN; and
  3. moved the TL-SG108E to that previously unused port on my primary router; and
  4. rebooted entire network (primary router and all AiMesh nodes only) via AiMesh >> System Settings >> System Reboot in primary router web UI.
This appears to have completely resolved all of the packet loss (and associated issues)! I'm not sure why the TL-SG108E configured as it was previously would cause issues, but I have no other explanation!
 
visortgw said:
@Seth Harman: So... I just need to throw out a caution flag with respect to the TP-Link TL-SG108E switch that you recommended. I am not positive that it was causing issues, but please read on...
Click to expand...
No idea what to tell you, I've got two of them and have experienced no such issues.
 
Seth Harman said:
No idea what to tell you, I've got two of them and have experienced no such issues.
Click to expand...
What firmware versions are you running on router and nodes?
 
Seth Harman said:
Nodes: Current Version : 3.0.0.6.102_37073-g3124d2d_968-gc6148_BB0B
Switches: 1.0.0 Build 20230218 Rel.50633
Click to expand...
Similarities and Differences:
  1. the exact same firmware on my switch;
  2. Merlin 3006.102.5_beta1 on the primary router AND nodes;
  3. my primary router is WiFi 7 vs your WiFi 6.
Not sure what the issue might be, but the switch definitely screwed up my network!
 
visortgw said:
Similarities and Differences:
  1. the exact same firmware on my switch;
  2. Merlin 3006.102.5_beta1 on the primary router AND nodes;
  3. my primary router is WiFi 7 vs your WiFi 6.
Not sure what the issue might be, but the switch definitely screwed up my network!
Click to expand...
It's possible you got a bad switch, it happens. The only other thing to test would be to revert a node to stock firmware and see if it solves the problem for it.
 
You must log in or register to reply here.

Similar threads

J
Managed or Unmanaged Switch for Multiple VLANs?
Replies
19
Views
1K
jksmurf
J
B
Updates to Mesh nodes
Replies
3
Views
568
BadWolfe
B
L
VLAN Trunk WAN and LAN
Replies
5
Views
761
Tech9
Tech9
Z
VLANs on APs
Replies
3
Views
484
Tech9
Tech9
C
2.4GHz not being distributed on AIMesh node w 10GbE backhaul
Replies
8
Views
421
chA
C
Similar threads
Thread starter Title Forum Replies Date
A Does Asuswrt-Merlin support Kill-Switch and Auto-Reconnect etc ? Asuswrt-Merlin 0
J Guest Network Pro on RT-AX88U Pro IoT VLAN Setup with TP-Link TL-SG1008 Unmanaged Switch Asuswrt-Merlin 8
howardmoon Problems with switch to AT&T fiber Asuswrt-Merlin 50
U How to switch secondary WAN to Hot-Standby? Asuswrt-Merlin 17
CntrlAltDel Switch WAN type from SSH Asuswrt-Merlin 3
K Going from Home to Small business (NAS+CCTV) - AiMesh and possible managed switch Asuswrt-Merlin 8
Q Two DNS requests to amazonaws every 30 seconds since installing AIMesh Asuswrt-Merlin 61
C 2.4GHz not being distributed on AIMesh node w 10GbE backhaul Asuswrt-Merlin 8
M Guest Network not Working on AIMesh Nodes Asuswrt-Merlin 1
B AiMesh randomly disconnecting - "MISC: wifi upstream is connected, and disconnected from CAP." Asuswrt-Merlin 19

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 677 (members: 18, guests: 659)
Back
Top