Omada Network and Profile configuration issue
I'm experiencing some blocking inflexibilities in the configuration of VLANs and port profiles.
I'm introducing Omada Managed Switches and Access Points within an existing network infrastructure; however, the user interface prohibits configuration and changes on default settings that would require a complete network re-configuration to suit these restrictions. This obviously is something I want to avoid, and should also not be necessary.
Let me elaborate:
Issue 1 is the default Network LAN that is configured in Settings->Wired Networks->LAN.
After setup this default entry is already configured, and cannot be edited. This network's 'Purpose' is Interface and it has a VLAN of 1. This VLAN, however, happens to be my Management VLAN. This is no major issue, as I can select this network as the Management VLAN; simply changing the name could resolve this issue. The only thing that remains is its purpose and an associated IP subnet (192.168.0.1/24) which I don't use (or don't manage through Omada). From searches on this forum, it seems to be related to the TP-Link gateways, but I'm not using that. I'm using a Sophos XG as internet gateway, and as you can imagine, not planning on replacing that with an Omada Gateway. All in all, this hard-coded config seems a bit strange, and it would be nice if it could be deleted or at least edited.
The second issue is on the switches. To make VLANs available across the whole network, across different switches, one would normally define a trunk that would carry all those tagged VLANs. However, within Omada, I cannot create a profile that would include all VLANs tagged, as I'm forced to select a native VLAN, which cannot be part of the selected tagged VLANs.
In my perception, there generally are three types of ports:
1. Access ports, these are ports where end-user devices are hooked up to, and carry one VLAN untagged.
2. Trunk ports, these carry multiple VLANs, mostly used to distribute these VLANs across the whole network, or for example to access points, carrying the VLANs that belong to the different wireless networks (Office, Guest, etc.), in addition to the management VLAN that is used to manage the network infrastructure.
3. Hybrid ports, these are typically trunk ports, which also have one untagged VLAN associated with them. These could be handy for example to adopt new devices in the network infrastructure prior to having the correct configuration. I tend to use these only temporarily until everything is configured as it should be.
Within Omada, one can only create an access port or a hybrid port, which also seems to have the restriction that the native VLAN cannot be part of the tagged VLAN list (why???).
The only way to create a trunk now would be to create a hybrid port, carrying all but one VLAN tagged, and one untagged. This would also require reconfiguration of the rest of the non-Omada managed network infrastructure. And I'm then leaving out the part that I would not be charmed by such a configuration, as it feels like a workaround for the Omada configuration restrictions.
All in all, I think this part of the Omada software needs to be changed. It could be I'm doing something wrong here, if so, please tell me what to do.
If I'm right, I think the following changes need to be made:
1. Don't create default configs that cannot be changed or deleted and could conflict with existing network infrastructures.
2. Change the port profiles to allow access, trunk and hybrid ports as described above.
I've taken the switch out of Omada management to use the web interface of the switch. In that case I can actually configure the switch according to my requirements.
If I configure the port to only accept tagged frames and configure the tagged VLANs that the port is a member of, I can assign all VLAN IDs including the one configured as PVID (which I think is ignored due to the 'allow tagged only' config). So the switch itself seems to be able to support the configuration I'm looking for for trunk ports. Basically I can create all of the 'port types' I require through the native device interface (access, trunk, hybrid or whatever you want to call it). When using Omada to configure the ports using profiles, I am however not able to configure a similar setup; as such, it seems to be a restriction in the Omada software at this point.
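
The port types discussed in this post, modelled with standard IEEE 802.1Q ingress and egress rules, as an added example that is not part of the original post and is not Omada or TP-Link code. The `Port` class, the helper names and VLAN IDs 10 and 20 are assumptions made for illustration; VLAN 1 stands for the management VLAN mentioned above.

```python
from dataclasses import dataclass

@dataclass
class Port:
    name: str
    pvid: int                      # VLAN given to untagged ingress frames
    tagged: frozenset = frozenset()    # VLANs sent with an 802.1Q tag
    untagged: frozenset = frozenset()  # VLANs sent without a tag
    tagged_only: bool = False      # "allow tagged only" acceptable frame type

    def ingress(self, tag):
        """Return the VLAN a received frame lands in, or None if dropped."""
        if tag is None:
            if self.tagged_only:
                return None        # untagged frame discarded, PVID never consulted
            vid = self.pvid
        else:
            vid = tag
        # Ingress filtering: the port must be a member of the VLAN.
        return vid if vid in (set(self.tagged) | set(self.untagged)) else None

    def egress(self, vid):
        """Return 'tagged', 'untagged' or None (port is not a member)."""
        if vid in self.tagged:
            return "tagged"
        if vid in self.untagged:
            return "untagged"
        return None

def forward(src, dst, vid):
    """VLAN that a frame of VLAN `vid` ends up in after crossing src -> dst."""
    mode = src.egress(vid)
    if mode is None:
        return None
    return dst.ingress(vid if mode == "tagged" else None)

def link_mismatches(a, b, vlans):
    """VLANs that do not survive the link unchanged in both directions."""
    return sorted(v for v in vlans
                  if forward(a, b, v) != v or forward(b, a, v) != v)

# Constructed sample: VLAN 1 = management, 10 and 20 = user VLANs.
VLANS = {1, 10, 20}
EXISTING_TRUNK = Port("existing", pvid=1, tagged=frozenset(VLANS), tagged_only=True)
PURE_TRUNK = Port("peer", pvid=1, tagged=frozenset(VLANS), tagged_only=True)
OMADA_HYBRID = Port("hybrid", pvid=1, tagged=frozenset({10, 20}),
                    untagged=frozenset({1}))

if __name__ == "__main__":
    print("trunk <-> trunk :", link_mismatches(EXISTING_TRUNK, PURE_TRUNK, VLANS))
    print("trunk <-> hybrid:", link_mismatches(EXISTING_TRUNK, OMADA_HYBRID, VLANS))
```

In this model only the native VLAN breaks on the trunk-to-hybrid link: the hybrid side sends VLAN 1 untagged and the tagged-only side discards it, while the tagged VLANs pass in both directions.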