Running 4.1-r3 on CNPilot e505 AP, and 6.47.4 on a Mikrotik RB3011 router. I have VLAN3 defined on the bridged ports of the router, and VLAN3 defined on multiple Ubiquiti wifi APs around the building. Open wifi SSID feeds through VLAN3 while WEP2 secured wifi is NOT VLANned, has worked fine for several years over the Ubiquiti APs, but I finally talked the boss into hanging an e505 out back to allow wifi in the parking area where company trucks, etc, are parked.
But anything that connects to the CNPilot open (VLAN3) wifi is unable to get DHCP, I see zero packets showing up at the VLAN3 interface on the router.
Can anybody suggest what I’m missing here?
Boss doesn’t realize there’s problem, NOC staff all have the secured wifi set on our cell phones, tablets, etc since the VLAN3 open wifi has no access to infrastructure IPs on the network.
Anand - what do you mean? There’s nothing I can find identified as “uplink port” configuration…
Both VLAN1 & VLAN3 are defined in Configure->Network->VLAN. Configure->Network->EthernetPorts eth1 is set with Trunk Multiple VLANs, Native VLAN is 1, tagged NOT checked (secured connections are untagged), Allowed VLANs set to 1,3.
With the above configuration, AP will send the open wifi SSID traffic (VLAN3) as tagged thru eth1 port. Please check the device port configuration (which is connected to eth1 port of AP) is configured to accept VLAN 3 packets tagged .
Nailed it, Anand, thank you. It hadn’t occurred to me to check, but the guys who ran the cabling for this AP ended up plugging the POE brick into an old Cisco managed POE switch on a co-worker’s workbench, instead of where I’d expected it to be connected. The Cisco wasn’t allowing tagged VLAN traffic through. Re-wired it to the dumb switch upstream of the Cisco (where I’d instructed, expected, and assumed it was connected) and all works as expected.
Again, Thanks for the spot-on diagnostic of the problem.