cancel
Showing results for 
Search instead for 
Did you mean: 

Problem with guest networks and using a switch

acastleberry
Star II

Hi all...hoping someone might have seen this issue before or have some ideas. I am struggling with this:

I have 3 Asus ET12 Pro devices set up in AiMesh using wired backhaul. Main router was connected to 2 additional nodes via 1G LAN ports. Everything has worked fine for months.  I recently decided to start upgrading some of my LAN hardware and now have a multi-gig core switch that I am using. When I installed the new switch, I rewired the 2 nodes through the switch to take advantage of 2.5G connectivity to the main router, instead of using the 1G ports on the router.

Everything seemed to work fine, but then I discovered that my guest and IoT wifi networks were no longer roaming clients to the 2 nodes...clients will only connect to the main router. I tested this by joining an iPhone to guest network then trying to bind the connection to a node. It will not work.

I have a feeling it has something to do with how Asus handles VLANs on these devices, so I installed the beta 9.0.0.6.102_4856 software on them that adds better support for VLANs, but I still can't get any guest/IoT clients to connect to a node. Main wifi SSID works fine, it's only these 2 additional SSIDs and only on the nodes.

Any ideas from anyone?

1 ACCEPTED SOLUTION

Accepted Solutions

The document you linked is how my devices are connected in Scenario 2.  I have the main router connected to the switch on the 2.5G LAN port.  The switch then connects to the other 2 nodes on their 2.5G WAN ports.  So I'm using 3 switchports to connect the ASUS equipment.

As I mentioned, I don't have any issues at all with this setup using just the standard SSID/VLAN.  Everything communicates fine and clients can roam to any node.  My issues come when I try to connect clients to a guest or IoT SSID that I have set up in the Guest Network Pro section.  I have SSID/VLAN 70 and 75 configured...one for guests that need internet access, and one for IoT devices that just need internet access.  Each VLAN has its own DHCP pool.  

Clients will ONLY connect to the main router on those 2 VLANs and will never connect to a node.

I have tried setting all 3 of the uplink ports on the switch to Trunk mode.  Doing that breaks all wired connectivity on my network.  I have tried only setting the 2 uplink ports to the nodes in Trunk mode, but that doesn't appear to do anything.  (And to @Jimmysnee , I verified that I can't set the WAN port to Trunk in the LAN>VLAN config page).  Currently, I have configured the switch PVID for all ports to 1, which is the default VLAN.  I have added VLAN 70 and 75 to the 3 uplink ports and set those 2 VLANs to tag, leaving VLAN 1 untagged.  That also doesn't help and has the same results.

Maybe I'm missing something simple, but I can't figure out what it might be.

View solution in original post

12 REPLIES 12

Jimmysnee
Star I

Do you have the ports (on both sides of the wired backhaul connections) explicitly defined as trunks?  Sounds like the primary SSID is working because it probably the same IP block and the ports are configured as access ports, but the VLANs for the other two SSIDs will not pass over access links.

On the switch, I have 2 nodes connected to port 1 and 2. The uplink from the switch to main router LAN port is on port 8. 

I’ve tried setting port 1 and 2 as trunk ports, but I don’t see anywhere on the nodes to configure them. I’ve also tried setting port 8 as trunked, but that seems to break all my wired connections elsewhere. 

Typically I've set up AiMesh nodes through unmanaged switches, but I have seen ASUS instructions mention use of managed switches:

https://www.asus.com/us/support/faq/1044151/

If I had to guess you need to reroute the VLANs on your main router from 1 G ports to the 2.5 G ports that you moved the connections to...

The document you linked is how my devices are connected in Scenario 2.  I have the main router connected to the switch on the 2.5G LAN port.  The switch then connects to the other 2 nodes on their 2.5G WAN ports.  So I'm using 3 switchports to connect the ASUS equipment.

As I mentioned, I don't have any issues at all with this setup using just the standard SSID/VLAN.  Everything communicates fine and clients can roam to any node.  My issues come when I try to connect clients to a guest or IoT SSID that I have set up in the Guest Network Pro section.  I have SSID/VLAN 70 and 75 configured...one for guests that need internet access, and one for IoT devices that just need internet access.  Each VLAN has its own DHCP pool.  

Clients will ONLY connect to the main router on those 2 VLANs and will never connect to a node.

I have tried setting all 3 of the uplink ports on the switch to Trunk mode.  Doing that breaks all wired connectivity on my network.  I have tried only setting the 2 uplink ports to the nodes in Trunk mode, but that doesn't appear to do anything.  (And to @Jimmysnee , I verified that I can't set the WAN port to Trunk in the LAN>VLAN config page).  Currently, I have configured the switch PVID for all ports to 1, which is the default VLAN.  I have added VLAN 70 and 75 to the 3 uplink ports and set those 2 VLANs to tag, leaving VLAN 1 untagged.  That also doesn't help and has the same results.

Maybe I'm missing something simple, but I can't figure out what it might be.