New TP-Link Omada User / Noob / Confirm setup
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Hello All
It has been many years since i have done any network equipment setup and I have a couple questions regarding the way i should set all this up and if my plan is good or not. I am building this network to handle heavier load required for smart home devices and to better segment and separate the networks according to equipment purpose/best practice. I have experienced some difficulty configuring properly with various issues (inter VLAN Communication, DHCP not found, etc). I am hoping the community can help confirm my plan for setup.
I have watched many youtube tutoirial and browsed the communitte/fourms and have not found a fully flushed out guide or detailed instruction on the best method to complete this setup.
In play devices:
- OC200
- ER605 v2.0
- TL-SG3428MP v2.0
- 2 x EAP653 (Not yet configured.
Current network plan:
- Will use DHCP from ER605
- Routing / ACL / etc all handled by ER605
- Some specific ACL to allow specified MAC to communicate to Server / LAN Management vlans
- Switch ports
- Configured for their specific purpose according to the above
- All will still need to be able to communicate back to the router for the DHCP process.
- Added example port settings below.
- VLAN Setup
- Initial "default LAN" (VLAN 1)
- Switch ports 19 - 28
- Use this as the management vlan for the network devices
- I want new devices as I add them to automatically be discoverable and be adoptable to the network
- Is this a bad idea, do i need to use a 'newly created' VLAN and the Management VLAN process as described here (https://www.tp-link.com/us/support/faq/2814/)?
- VLAN 2 - General wired network
- Switch ports 1 - 10
- VLAN 3- General Wireless Network
- Used for wireless only, no switch ports assigned.
- VLAN 4- Guest Wireless Network
- Used for wireless only, no switch ports assigned.
- VLAN 5- IoT Network
- Switch ports 11 - 14
- Will be used for both wired and wireless IoT devices
- VLAN 6- Servers
- Switch Ports 15 - 18
- Initial "default LAN" (VLAN 1)
- Wireless setup
- SSID: Home - known home users
- VLAN 3
- SSID: Guest - Guest access, internet access only
- VLAN 4
- SSID: IoT - For all IoT devices
- VLAN 5
- SSID: Home - known home users
Hey
Just reading through your post and honestly it sounds perfect, nothing jumps at me as being out of place or in need of tweaking so you have done your homework on this one.. 
It will actually be very similiar to the setup I have been using.
In answer to your query about a Management VLAN.. its really a tad overkill for most home/small business setups if honest. Providing you have all the clients on VLANs and only the router/switches/APs on the default VLAN1.. then really you dont need to worry about a management vlan. Just ensure you disable or apply a vlan to all "free" ports to stop accidental plug into the VLAN1.
In terms of auto adoption, if all ports are secure and only the hardware is on VLAN1, then no reason to worry about this