Business Community > Controllers > Issue with changing Management Vlan
< Controllers

Issue with changing Management Vlan

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Issue with changing Management Vlan

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Issue with changing Management Vlan
Issue with changing Management Vlan
2021-09-12 17:55:05 - last edited 2021-09-23 02:51:00
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.1.1

I recently bought an entire Omada Network including the OC200 hardware controller, the R605 Security Gateway, 3 Jetstream switches and 3 EAP access points.

 

From the first moment I tried to configure a management vlan different from the default one I ran into issues. At some point I found this article: https://www.tp-link.com/nl/support/faq/2814/. In different threads I see forum user (and TP-link employee?) @Fae referencing this article. Looking at the article I should follow Scenario 1, but no matter what I do, it does not work. To my opinion some key steps are missing, which aren't in scenario 2. Let's break it down.

 

Before starting the procedure, there is only one vlan: the default vlan. All switch ports have the profile 'all'. All devices are discovered and adopted into the Omada controller.

According to the steps in scenario 1, I made a new vlan (and interface on the R605, with DHCP) and configured it for the switches and EAPs as the management vlan. After a few minutes being in the 'configuring' state they all go into the 'disconnected' state and stay there. 

 

This makes sense to me, because the Controller is stil in the default vlan. As far as I understand, the controller can only manage devices in the same vlan/subnet as it is itself. 

As soon as I configure one switch interface with the management vlan untagged (did that before the steps of scenario 1 so I was still able to manage the switches) and plug the controller into that port after the steps and give it an IP address in the management vlan, all switches and EAPs get connected again. Only problem: the R605 Security Gateway now has the 'disconnected' state and is no longer manageable.

 

So my conclusion: scenario 1 is not a viable option. Although I have an Omada manageable router, in this case you have to tread it as a random router and follow scenario 2.

 

What do I miss here? I hope I overlook something and scenario 1 is possible indeed, but I doubt it.

 

Update:

I reached out to TP-Link support and they acknowledge the issue. It is under review at the moment. To be continued.

  2      
 
  2      
 
#1
Options
1 Accepted Solution
Re:Issue with changing Management Vlan-Solution
2021-09-19 18:45:58 - last edited 2021-09-23 02:51:00

So the FAQ has been updated and is much better now. I actually got it working. Key step is the use of the Omada Discovery Utility.

 

I gave my OC200 a static IP address in the default vlan, so I would always know how to reach it.

So I needed to reconfigure this after step 4 to an IP address in the new management vlan. I would advice to do this so you do not need to search for the new address.

 

I was also told by the support team, that there is a new way of managing your Omada devices in the making. I don't have a timeline for this, so we'll have to wait and see.

 

Recommended Solution
  1  
  1  
#3
Options
2 Reply
Re:Issue with changing Management Vlan
2021-09-15 10:21:54

Dear @haggyman,

 

haggyman wrote

I recently bought an entire Omada Network including the OC200 hardware controller, the R605 Security Gateway, 3 Jetstream switches and 3 EAP access points.

 

From the first moment I tried to configure a management vlan different from the default one I ran into issues. At some point I found this article: https://www.tp-link.com/nl/support/faq/2814/. In different threads I see forum user (and TP-link employee?) @Fae referencing this article. Looking at the article I should follow Scenario 1, but no matter what I do, it does not work. To my opinion some key steps are missing, which aren't in scenario 2. Let's break it down.

 

Before starting the procedure, there is only one vlan: the default vlan. All switch ports have the profile 'all'. All devices are discovered and adopted into the Omada controller.

According to the steps in scenario 1, I made a new vlan (and interface on the R605, with DHCP) and configured it for the switches and EAPs as the management vlan. After a few minutes being in the 'configuring' state they all go into the 'disconnected' state and stay there. 

 

This makes sense to me, because the Controller is stil in the default vlan. As far as I understand, the controller can only manage devices in the same vlan/subnet as it is itself. 

As soon as I configure one switch interface with the management vlan untagged (did that before the steps of scenario 1 so I was still able to manage the switches) and plug the controller into that port after the steps and give it an IP address in the management vlan, all switches and EAPs get connected again. Only problem: the R605 Security Gateway now has the 'disconnected' state and is no longer manageable.

 

So my conclusion: scenario 1 is not a viable option. Although I have an Omada manageable router, in this case you have to tread it as a random router and follow scenario 2.

 

What do I miss here? I hope I overlook something and scenario 1 is possible indeed, but I doubt it.

 

Update:

I reached out to TP-Link support and they acknowledge the issue. It is under review at the moment. To be continued.

 

Thank you for your valued feedback!

 

I've reported this configuration problem to the TP-Link support team, they will update the FAQ2814 for management VLAN setup soon

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
  1  
  1  
#2
Options
Re:Issue with changing Management Vlan-Solution
2021-09-19 18:45:58 - last edited 2021-09-23 02:51:00

So the FAQ has been updated and is much better now. I actually got it working. Key step is the use of the Omada Discovery Utility.

 

I gave my OC200 a static IP address in the default vlan, so I would always know how to reach it.

So I needed to reconfigure this after step 4 to an IP address in the new management vlan. I would advice to do this so you do not need to search for the new address.

 

I was also told by the support team, that there is a new way of managing your Omada devices in the making. I don't have a timeline for this, so we'll have to wait and see.

 

Recommended Solution
  1  
  1  
#3
Options

Information

Helpful: 2

Views: 2300

Replies: 2

Related Articles
Vlan Issue
405 0
 VLAN management
444 0
Management VLAN in Omada SDN Controller > fail
1449 0
Managment VLAN issue
197 0
Vlan can access the browser management page despite ACL rules should block it
184 0
ER605 disconnect issue when moving ER605 to MGMT VLAN
847 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.