I'm currently using Peplink AC One Mini APs for all the indoor access points. It's a major pain when I need to update a setting on all 18 APs we have across the company, so I recently purchased a Sophos AP55 to try out in one of our shops before jumping in and buying all 18 APs and then finding out something doesn't work the way I need it to. So let me give you the rundown of our network layout...
We have an XG310 as the main firewall/router and use Cisco SG300 and SG500 series switches with the following VLANs (1, 8, 99, 100) as well as auto voice VLAN for VoIP.
The "untagged" VLAN (1) is the main internal corporate network. The wireless side of this VLAN requires all of the connecting devices to be members of Active Directory.
Then we have a BYOD VLAN (8) for corporate devices such as iPads and diagnostic equipment that obviously are not members of Active Directory. The XG relays DHCP from this VLAN to a domain DHCP server to get addresses. There a a few firewall rules to allow access to internal network devices such as printers and web servers.
Next we have a GuestWifi VLAN (99). This VLAN gets an IP from the XG and is routed directly to the internet. No access to any other LAN subnets/devices.
Then we have a VoIP VLAN (100). As the name implies, this is for VoIP phones. DHCP requests are relayed to the domain DHCP and then is routed out the WAN to our VoIP provider.
So, I got my first AP55 added in the XG and started setting up the SSIDs. I created one called "SopTest" for the internal corporate network (untagged). I set it as "Bridge to AP LAN" and the encryption mode as WAP2-Enterprise. This SSID is working exactly as expected.
Then I created a "BYODTest" SSID. I set it to "Bridge to VLAN" and set the VLAN ID to 8 and set the encryption mode to WPA2-personal.
When I go to the AP and add the BYODTest SSID to it and click save, I get the following error: "The current VLAN tagging setting in access point group is not compatible with the wireless network in bridge mode to VLAN".
I can't seem to figure out exactly why I'm getting this error or how to resolve it. All I want to do is tag traffic on that SSID to VLAN 8 like I've done in the past with every other access point I've ever used. Surely to goodness I'm not the only one who's ever had this error. Any suggestions?
This thread was automatically locked due to age.