Need to have all traffic on an EAP615-wall segregated

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Need to have all traffic on an EAP615-wall segregated

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Need to have all traffic on an EAP615-wall segregated
Need to have all traffic on an EAP615-wall segregated
2023-08-19 23:18:24
Model: EAP615-Wall   ER7212PC  
Hardware Version: V1
Firmware Version: 1.1.0

I rent out part of my house with internet access included. I wish to separate tenant traffic from the rest of the network, but still sending it through to internet. They should still be able to have connections between their devices, both wired and wireless.

 

Current setup is 1 EAP615-wall(EU) V1.0, firmware 1.1.0, which broadcasts tenant wifi and gives them wired ports. This is connected to an ER7212PC v1.0, firmware 1.0.3, which also all mine devices are connected to (two other 615 for wifi and one wired client, rest is wired directly to 7212).

 

I have tried to assign a VLAN to the port on the 7121 that the tenant 615 is connected to, following this guide: https://www.tp-link.com/us/support/faq/3091/ . However, as I experienced (and the guide noted, I later saw) assigning a VLAN to a port that goes directly to an EAP for some reason does not allow clients connecting to that EAP to get an IP adress.

 

Is there any way I can accomplish what I want with my current setup? If not, can something like the TL-SG105PE 5 port PoE switch allow some form of workaround?

 

As this is a home setup, and I bought this kind of hardware because I didn't find regular consumer solutions that allowed this kind of separation without getting into custom firmware and such shenanigans, I do not have the budget to buy one of the pricier JetStream switches, nor do I have anywhere close to the need for one.

 

I am making a separate post with a question about the firmware on my 615s.

   
  0      
  0      
#1
Options
2 Reply
Re:Need to have all traffic on an EAP615-wall segregated
2023-08-20 01:35:53
What you want to schieve can be done with discrete device functions (ie router, switch, ap, controller). Since the 7212 integrates the router, switch and controller, you are depending on the functions all working harmoniously. What you want is to create two VLANs, one for you and one for tenant. Your wired devices and SSID are set to your VLAN, and the tenants to theirs. You then create ACLs to prevent the two subnets/VLANS from talking to each other there is a great FAQ written by TPlink on how to do this.
<< Paying it forward, one juicy problem at a time... >>
  0  
  0  
#2
Options
Re:Need to have all traffic on an EAP615-wall segregated
2023-08-20 03:24:43 - last edited 2023-08-20 03:25:07

It seems like the faq you are referring to is the same that I linked in my comment, where the following can be found:

"Note: 1. Do not apply the profiles to ports with EAP connected. Otherwise, the wireless clients of the EAP will fail to connect to the internet."

It sounds like the solution you are proposing is the one that I have tried while following that faq, and that did not produce the desired result.

  0  
  0  
#3
Options