Move Omada Controller and EAP's to another Vlan

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Move Omada Controller and EAP's to another Vlan

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Move Omada Controller and EAP's to another Vlan
Move Omada Controller and EAP's to another Vlan
2023-11-17 20:45:08 - last edited 2023-11-23 09:26:45
Model: OC200   EAP650   ER707-M2  
Hardware Version:
Firmware Version:

I currently have a functional setup comprising an OC200 controller, an ER707-M2 router, and several APs (EAP650 and EAP225-outdoor). My network employs multiple VLANs to segregate the internal network, management network, and guest network.

Now, I'm looking to relocate my TP-Link devices to a new VLAN to isolate them from other network devices. However, I want to ensure a seamless transition without any loss of connection during the process.

Can anyone provide guidance on how to achieve this without encountering connectivity issues at any point with my devices? 

  0      
  0      
#1
Options
1 Accepted Solution
Re:Move Omada Controller and EAP's to another Vlan-Solution
2023-11-18 00:40:47 - last edited 2023-11-23 09:26:45

  @SKnokkie 

 

There are FAQs on changing the Management VLAN...but it's going to be far from seamless.  I took the opposite approach and I just kept all the clients on their own isolated VLANs (using swith ACLs to isolate/manage) and only left the Omada gear on the default management VLAN.  This, plus changing the default port profile for your managed switches should ensure that noone has easy access to the management VLAN...even if it is stil the 'default'.

<< Paying it forward, one juicy problem at a time... >>
Recommended Solution
  0  
  0  
#2
Options
2 Reply
Re:Move Omada Controller and EAP's to another Vlan-Solution
2023-11-18 00:40:47 - last edited 2023-11-23 09:26:45

  @SKnokkie 

 

There are FAQs on changing the Management VLAN...but it's going to be far from seamless.  I took the opposite approach and I just kept all the clients on their own isolated VLANs (using swith ACLs to isolate/manage) and only left the Omada gear on the default management VLAN.  This, plus changing the default port profile for your managed switches should ensure that noone has easy access to the management VLAN...even if it is stil the 'default'.

<< Paying it forward, one juicy problem at a time... >>
Recommended Solution
  0  
  0  
#2
Options
Re:Move Omada Controller and EAP's to another Vlan
2023-11-18 17:05:16

I did the same as d0ugmac1 but also changed the default network from VLAN 1 to a new VLAN.  It seems to also work fine.  I also use switch ACL's to block the management VLAN from all other VLANs, except 1 that I use for admin purposes.

  0  
  0  
#3
Options