EAP225-Wall VLAN

EAP225-Wall VLAN
EAP225-Wall VLAN
2019-08-14 18:31:52
Model: EAP225-Wall
Hardware Version: V2
Firmware Version: 1.2.0 Build 20190222 Rel. 34350(4555)

Hello,

 

is there any chance to configure the eth ports (1-3) to specific VLANs (like SSID-to-VLAN) for an EAP225-Wall?

 

If I had root access, I would configure it by myself via SSH, but unfortunately "vconfig: ioctl error for add: Operation not permitted" and I really have no time investiagting a "custom firmware" (even though I am very interested in that approach).

 

If this is not possible at all, why there are 3 NICs just bridged directly into my "eth0-vlan-trunk"?!

 

Kind regards

0
0
#1
Options
5 Replies
Re:EAP225-Wall VLAN
2019-08-15 00:38:42

Hi,

 

The EAP225-Wall has four ports, one uplink port and three downlink ports. For these three downlink ports, one is used for PoE out, the other two are common ethernet port. 

We cannot set them as VLAN. 

0
0
#2
Options
Re:Re:EAP225-Wall VLAN
2019-08-15 10:31:50

forrest wrote

The EAP225-Wall has four ports, one uplink port and three downlink ports.

 

Sure, I have one right here in front of me.

 

forrest wrote

For these three downlink ports, one is used for PoE out 

 

That is obvious but thank you for pointing out.

 

forrest wrote

the other two are common ethernet port. 

We cannot set them as VLAN. 

 

Here we are.

 

Are there any plans to restrict the 3 NICs to a specific VLAN?

 

It is some kind of a security threat, expsing VLAN-Trunk ports directly to "customers", as this device is designed to be placed in hotel rooms.

0
0
#3
Options
Re:Re:Re:EAP225-Wall VLAN
2019-08-16 01:44:23

MrGeek wrote

Are there any plans to restrict the 3 NICs to a specific VLAN?

It is some kind of a security threat, expsing VLAN-Trunk ports directly to "customers", as this device is designed to be placed in hotel rooms.

 

Hello, 

 

When the clients connect to the EAP225-Wall via the downlink port, these clients will not show up in the Controller. That is to say, we cannot set some configuration for the wired clients on the Omada Controller. So we cannot restrict the 3 NICs to a specific VLAN.

0
0
#4
Options
Re:Re:Re:Re:EAP225-Wall VLAN
2019-08-16 06:18:12

 

You have done it on EAP245v3 whay not EAP225-Wall?

 

0
0
#5
Options
Re:Re:Re:Re:EAP225-Wall VLAN
2019-08-16 10:38:12 - last edited 2019-08-16 10:50:30

forrest wrote

When the clients connect to the EAP225-Wall via the downlink port, these clients will not show up in the Controller.

 

 

I can not confirm this statement.

 

The Web-Interface for the EAP225-Wall do show up / indicate the link status for either of the ports - even with link-speed and link-type (full-duplex, half-duplex).

 

As shberge pointed out it is configureable in the Web-Interface for the EAP245.

 

Accessible ethernet ports should (and in my own opinion must) not be VLAN trunk ports! Either they should be configurable as VLAN access ports or just ignore VLAN traffic at all and just serve as "dump dumb" ethernet ports (i.e. dropping any 802.11q traffic).

 

I highly recommend and wish for a firmware upgrade integrating this functionality. It need not necessarily enable configuring a specific VLAN access port for each NIC independently but at least for all-together.

 

Think about it, as this feature will may increases sellings of the EAP225-Wall. No professional will mount any of these EAP225-Wall when they do expose VLAN trunk ports ... 

0
0
#6
Options