Help with the adaption of TL-SG2210P
Help with the adaption of TL-SG2210P
Hello all together!
I need help! I am trying to bind my switch (TL-SG2210P) to my Omada controller so I can administer it from there.
Unfortunately, I am either doing something wrong, or I am doing everything right and the switch simply does not support my desired function.
My goal is to be able to administrate all my TP-Link devices (1x TL-SG2210P, 2x EAP-610) from my Omada controller.
To do this, I configured an access port on my switch with VLAN 161 (this is my management VLAN for the interfaces of the EAPs and the TL-SG2210P).
After conntecting my PC to that port, I started the Omada Discovery Tool on my PC to set the IP address of the Omada controller on the TL-SG2210P (which is in server VLAN 162).
Unfortunately, the tool did not detect my switch.
Because I assumed that I made a mistake somewhere, I tried to adapt my EAPs. I connected them to a trunk port with tagged VLAN 161 on the switch.
Both EAPs were detected directly by the tool and by the Omada controller.
This gave me the idea that something was wrong with the VLANs. For this reason I connected my PC to another access port, which was assigned to VLAN 1.
Here the switch showed up in the tool. My guess is that the switch only tries to connect to the Omada controller via VLAN 1.
My question now is: how do I make the switch try to reach the Omada controller via VLAN 161 and not via VLAN 1?
Do you have any idea?
Greetings from Germany
7ippy
UPDATE #1:
I forgot to say that the VLAN 161 and VLAN 162 are connected via a firewall. The routing is done by the firewall.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Here is a minimal configuration for the switch to reproduce the situation:
!TL-SG2210P
#
vlan 161
name "MGMT"
#
ip route 0.0.0.0 0.0.0.0 172.16.1.1
#
interface vlan 161
ip address 172.16.1.2 255.255.255.0
no ipv6 enable
#
interface vlan 1
ip address 192.168.0.1 255.255.255.0
no ipv6 enable
#
interface gigabitEthernet 1/0/1
description "VLAN 161"
switchport general allowed vlan 161 untagged
switchport pvid 161
no switchport general allowed vlan 1
#
interface gigabitEthernet 1/0/2
description "VLAN 1"
power inline supply disable
#
interface gigabitEthernet 1/0/3
power inline supply disable
#
interface gigabitEthernet 1/0/4
power inline supply disable
#
interface gigabitEthernet 1/0/5
power inline supply disable
#
interface gigabitEthernet 1/0/6
power inline supply disable
#
interface gigabitEthernet 1/0/7
power inline supply disable
#
interface gigabitEthernet 1/0/8
power inline supply disable
#
interface gigabitEthernet 1/0/9
power inline supply disable
#
interface gigabitEthernet 1/0/10
power inline supply disable
#
If you connect a PC to port 2 and start the Omada Discovery Tool, the switch is detected by the tool.
However, if you connect the PC to port 1, the switch is not detected.
- Copy Link
- Report Inappropriate Content
You probably should have adopted 1st before making any standalone changes. The adoption process uses its own set of internals to talk between the controller and the switch. Once its fully adopted, you can change the settings to whatever you want to include IP address, VLANS etc.
Setting up the switch 1st is liking putting the cart before the horse so to speak. Now the controller cannot talk to switch..
Reset the switch back to factory defaults and then try and adoption.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I have a 2210, 2008, 605 and 225's all tied to the OC200 controller. Took me a while to figure out that once I made any changes to the devices in standalone mode, the controller could no longer reach them.
Best to just plug in, let the controller see the 2210 on the network and then it will ask you if you want to adopt so it can control it. Once thats done...you can make the VLAN changes, etc.
- Copy Link
- Report Inappropriate Content
Hey @Fleegle61
I found a workaround: Port 6 (Access Port; VLAN 1) directly connected to Port 7 (Access Port; VLAN 161)
This is evil and bad and very very unprofessional ... but it works.
With this link all packets from VLAN 1 will be send to VLAN 161. And the switch shows up in my omada controller.
But now I am scared what happens with my network when I click "adapt".
Can you explain what I should do BEFORE adapting the Switch? Because I need the same configuration on the switch AFTER adapting ...
Otherwise I may be unable to administrate my network.
And I have another question: do I need this " bypass" all the time? Or is it possible to "migrate" the communication from VLAN 1 to 163 for the future connections? Like setting MGMT VLAN in EAPs.
- Copy Link
- Report Inappropriate Content
@7ippy .
I went through a similar Standalone->OC200 migration. In some ways, the cleanest way is just to default the switch and adopt that way. There will be some downtime in the process regardless, so you won't be doing any of this during prime hours. However, if you pre-build all the required (sub) networks etc in your controller first, then bringing the switch under controller command will go faster, though temporarily disrupting network communications until you re-apply all the port configs via the controller. If you know what you're doing this should take a few minutes..more if you have lots of complicated ACLs to rebuild and apply longer, and if you screw up....longer. You can move the mgmt VLAN off of VLAN1 during all this.
To paraphrase Yoda...Do or Do Not. In other words, there is no half-config. You must commit to controller domination, and there is lots of value in doing so.
- Copy Link
- Report Inappropriate Content
Hey @d0ugmac1
Thank you for your reply! Do you know some good tutorials for configuring the omada controller?
I would claim that I know what I am doing ... But the omada controller and the configuration via this is new to me.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I think the problem is on VLAN interface. The switch may not have an IP interface on VLAN 161 so it won't be managed/available in VLAN 161.
The switch default IP is only applied for VLAN 1.
But anyway once you adopt the switch, you will need to do all the settings from beginning. The Controller will cover all existing settings.
- Copy Link
- Report Inappropriate Content
Yes, once @7ippy has everything under Omada control, he can use another excellent tutorial like this one, How to configure Management VLAN in Omada SDN Controller (4.4.4 or above)? | TP-Link, to carefully move his devices onto their own management VLAN.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2809
Replies: 20
Voters 0
No one has voted for it yet.