Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 27 subscribers
  • Views 7180 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Wifi configuration - Bridge to AP LAN

Peter Nayler

I'm trialling an XG105W, and a little baffled by some of the limitations. I'm a total newbie to the ecosystem and was hoping for a little handholding.

Port 1 is configured with 10.10.10.1/24 LAN - DHCP handled by Windows 2008 R2. We also have voice VLAN 10, with DHCP handled by the XG.

The problem started when I attempted to get wifi working - clients were unable to obtain an IP address. So I selected the Bridge to AP LAN setting - big mistake! Goodbye to VLAN 10, hello to a new bridge. I've deleted the bridge and restored the VLAN and its DHCP server, but I need to get wifi working - what is the correct way to do this? There seem to be several opinions.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Peter,

    on the XG you need an IP address on the physical interface. Then you will need a DHCP server on your VLAN 10 with a different range to the physical interface network.

    You will need to create the AP with a VLAN aware being your VLAN 10 if you want your WIFI users to access the VLAN 10. Otherwise you set the AP to LAN (which is the physical port.

     

    Ian

  • 0 in reply to rfcat_vk

    Thanks Ian, Port 1 has the LAN IP assigned, VLAN 10 is assigned to Port 1, with its own separate IP range, with a separate associated DHCP server. That is all working fine. VLAN 10 (voice) does not need to be accessible to wifi clients. I just need wifi users to access the untagged LAN. I've now set up a wireless network with client traffic in "Separate Zone" (remembering what happened when I selected Bridge to LAN) and Zone as LAN. I've applied a separate IP range and applied a separate DHCP server.

    I'm at home now so I can't test if this works, but will wifi clients be able to access the Port 1 network?

  • 0 in reply to rfcat_vk

    I think the problem here is my lack of experience with the Sophos wifi methodology. It's quite different to what I'm used to. At this point I have:

     

    Wireless network - Staff

    - client traffic in separate zone, zone is LAN, IP address is separate from Port 1 LAN, DHCP server is assigned to that IP range

    Wireless network - Guest

    - same as above, except zone is WiFi, and IP/DHCP is separate again

     

    Access points

    - assigned both Staff and Guest to default LocalWifi0

    - bridge to ethernet is NOT selected - I can only select Port1, which breaks the voice VLAN already assigned to Port1

    - band - I can only select 2.4 or 5.

    - channel is auto

     

    Access point groups

    - Localwifi0 group - added both wireless networks

     

    The Staff network allows clients to connect now, and they get an IP, but no internet access. Doesn't work when I switch zone to wifi either. There is a Guest-to-WAN firewall rule that allows all, with the wifi zone as the source.

  • 0 in reply to Peter Nayler

    Hi Peter,

    I see your issue, you cannot use port 1 as a VLAN on the XG.

    Ian

  • 0 in reply to rfcat_vk

    So.... cannot use port 1 on the XG for VLAN whilst using a wireless network that needs access to the same network as port1 (not the VLAN)?

    At the moment, port 1 acts as a trunk to a managed switch that then provides untagged and tagged traffic for data and voice respectively. Do I have to separate the LANs instead and configure the VLAN on another port and connect that to the same switch? That's very unusual.

  • 0 in reply to Peter Nayler

    Hi Peter,

    no you just can't use VLAN 1. You can use port 1 and configure VLANs on it.

    While setting up the test AP access I broke my XG and network switch. The AP does not get an IP address even though it is assigned a reserved address.

    Ian

  • 0 in reply to rfcat_vk

    To clarify, I'm using VLAN10 assigned to port 1. Not VLAN1.

  • 0 in reply to Peter Nayler

    Hi Peter,

    understand.

    To get this to work you need to have port not assigned to anything eg as if it were not connected to a managed switch.
    I cannot get an IP address assigned to my AP on non VLAN connection to my switch. So I will not be able to provide any more assistance or thoughts.

    Ian

  • 0 in reply to rfcat_vk

    OK thanks - hopefully I can get this working with help from some others. I have other ports that could assign addresses to, but I'm not sure how/why this would help.

  • 0 in reply to Peter Nayler

    Okay, got it to work. AP is connected on the VLAN port of the switch (U) but configured to bridge to LAN. Receives an IP from the LAN address range.

    You should be able to go from there.

    Ian

  • 0 in reply to rfcat_vk

    I'm not sure what you mean by "AP is connected to the VLAN port of the switch". The AP is integrated in the XG. When I edit the AP, I have an option to Bridge to Ethernet, and I can only select a physical port as the "Port to Bridge", not a VLAN. If I select Port 1 (the only one configured, untagged for data traffic, VLAN 10 for voice traffic) then the AP and Port1 are bridged and the VLAN is removed. No good.

    I don't have any other port option. The only way I could get Port 3 or 4 to appear would be to set this to the same subnet as Port 1, then bridge to that. Wouldn't that create a loop condition if I also plug that physically into the network switch? If I don't plug it into the network switch, the port wouldn't be active, correct?

  • 0 in reply to Peter Nayler

    Hi Peter,

    sorry I was not aware it is the inbuilt AP.

    Ian

Reply Children