TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches
TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches
2023-02-17 16:23:13 - last edited 2023-02-21 21:42:21
Model: TL-SG108E  
Hardware Version: V6
Firmware Version: 1.0.0 Build 20201208 Rel.40304

Hello, I have several TL-SG108E and TL-SG108PE switches that have been configured to work with Ubiquiti switches and VLANs. I will post the configuration steps below. Everything has been working great until yesterday at 1630. At 1630 all my TP-Link switches stopped responding to Ping. I use PRTG to monitor my network and received email alerts for each switch that it stopped responding to Ping. I tried to ping them from my computer and there is no response. I also cannot access the web interface for the switches. They are still passing traffic as they should. I can ping printers, cameras, PCs, etc. that are connected to the switches. I pulled a spare off the shelf that was already configured and it did the same thing. I factory reset it and was able to get into the GUI. I updated the firmware to the newest version from TP-Link's website and went through the same configuration steps that worked before, but once I change the profile that the Ubiquiti switch uses from my MGMT VLAN, it stops responding to ping. I set the port back to the MGMT VLAN and it came back up.  I then continued the rest of my configuration and then switched the profile back to what it needs to be for those VLANs and it stops responding to Ping again.  Now switching back to the MGMT VLAN the switch no longer responds to Ping. However, when the port is set to the profile I need for those VLANs, those ports on the TP-Link switch pass traffic as they should. Any ideas what is going on? I would like to be able to monitor these switches with PRTG as well as have the ability to login to the GUI to make changes without having to factory reset the switches. Any ideas?

 

Configuration steps (I modified the steps in this article to get the VLANs to work correctly in the beginning (https://community.tp-link.com/en/business/forum/topic/105250)):

 

  1. Set the port to VLAN 50 (MGMT) in UniFi.

  2. Scan the MGMT DHCP Range for the Switch.
  3. Login to the TP Link switch as admin/admin.
  4. Set the new Password (6-16 characters, English letters, digits, and underlines).
  5. Go to System > IP Setting > DHCP Setting > Disable.
    1. Enter The Following:
      1. Static IP Address
      2. Subnet Mask
      3. Default Gateway
    2. Click Apply
  6. Go to VLAN > 802.1Q VLAN
    1. Tick Enable by 802.1Q VLAN Configuration, click Apply, then click OK.
    2. Enter VLAN ID “50”, VLAN Name “MGMT”, Tag the UPLINK port and click Add/Modify.
    3. Set the port profile to TP-Link Switches in UniFi.


       
    4. Enter VLAN ID “1”, VLAN Name “Uplink”, and click Add/Modify.
    5. Create VLAN ID “3”, VLAN Name “CorpWired”, and assign ports 2-4 as Untagged. Create VLAN ID “7”, VLAN Name “Printers”, and assign ports 5-8 as Untagged.
  7. Go to VLAN > 802.1Q PVID Setting. Assign PVID “3” to ports 2-4 and PVID “7” to ports 5-8.
    Note: This must be done in order to remove them from the default/uplink VLAN in the next step.

  8. Go to VLAN > 802.1Q VLAN.  Assign port 1 as a tagged member of VLANs 3 and 7.
  9. Remove ports 2-8 as members of VLAN 1 (check “Not Member”).  Leave port 1 Untagged in VLAN 1 to not get disconnected from the switch.
  10. Ports 2-4 are now members of VLAN 3 CorpWired, Untagged Ethernet frames will be assigned to VLAN 3 due to the PVID setting and are being forwarded to port 1 only.  Ports 5-8 are members of VLAN 7 Printers, Untagged Ethernet frames will be assigned to VLAN 7 and are being forwarded to port 1, too.  Port 1 is a Trunk port, Tagged frames will be forwarded to members of the appropriate VLAN (VLAN 3 > ports 2-4, VLAN 7 > ports 5-8, Untagged frames > port 1.
     
  0      
  0      
#1
Options
4 Reply
Re:TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches
2023-02-18 03:23:39 - last edited 2023-02-21 21:42:21

  @DougSCH I'm assuming you are setting the switch static IP to be in the VLAN 50 range, otherwise I don't think that VLAN 50 is doing anything for you since VLAN 1 is also isolating the access ports from the trunk uplink.  Since these switches don't exchange settings or usage data with each other or a controller, there is little need for a management VLAN connection.

 

My best guess as to what might have happened, is if UniFi stopped accepting the static IPs set in the switches. UniFi then renewed the switches IP's on the DHCP, and assigned the switches to VLAN 1 since that is the untagged VLAN on the uplink.  My next guess is that an ACL that allows access to VLAN 50, got changed or broken.  Since VLAN 1 and 50 are really trying to do the same thing, there doesn't seem to be a need for both.  One of the two should be the uplink untagged network and the other removed.

  0  
  0  
#2
Options
Re:TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches
2023-02-20 16:46:12

  @JoeSea Thank you for your assistance! I made the changes as suggested and have not lost ping yet (I do use the MGMT VLAN for device IPs). I created a new Profile in UniFi with the Native Network set to VLAN 50 MGMT and Unchecked the Default network. I will let this test switch run for a while and monitor it, if all stays working I will reset and reconfigure the other switches like this one.

 

 

In the switch, I removed VLAN 1 from everything and set the default PVID for the MGMT/Uplink port to VLAN 50.

 

  0  
  0  
#3
Options
Re:TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches
2023-02-21 21:50:45

  @JoeSea Well, everything was looking good so I reset and reconfigured a production switch yesterday. I went to do one today and now I cannot access the switch after factory resetting it. Looking further I cannot access the one that I setup yesterday or the test switch on my desk. I set the port in UniFi to VLAN 50 as I did before, but the switch never gets an IP Address from the DHCP Server. I ended up being able to configure it how I had in the past but from VLAN 3. I configured all the VLAN tagging first and left the uplink port on the default VLAN 1 with the other VLANs Tagged on Port 1. Once I set the IP to Static on the 50 VLAN and switched the port to my TP-Link profile in UniFi I lost access to it. However, it does seem to be passing traffic as it should to the correct ports/VLANs. I have no idea what is going on.

  0  
  0  
#4
Options
Re:TL-SG108E Switch VLANS and Ubiquiti/UniFi Switches
2023-02-22 18:14:45 - last edited 2023-02-22 18:15:11

  @JoeSea Over night I received several up and downs on the management IPs. Below is the history on a few going back to the 16th. They don't go down at the same times either. However, when they are not responding to ping, they are passing traffic as they should.

 

 

 

 

 

 

  0  
  0  
#5
Options