OC200 Purchased
I am thinking about implementing the Omada OC200 cloud acces in to my network. Im in the learning process with this controller .
My network
ISP Gateway
Pfsense>Firewall /Router created with all Vlans that are working in all 3 Buildings on my Property.
Main Building
Switch 1 SG 3428 Main Switch
Switch 2 SG 2428P POE for Vlan 50.xxx Cameras
2-EAP610 1 hidden for Admin Lan 1.xxx. 1 for IOT Vlan for Staff 100.xxx
Building 2
Switch3 SG 2428P
Switch4 SG 1218POE Vlan Cameras 50.xxx
1EAP 613 Vlan access for Staff 100.xxx
1 Pharos CPE510 as AP to Building3 CPE510 Client
Building 3
Pharos CPE510 Client
Switch5 SG2428P Cameras VLan 50.xxx and Vlan 100.xxx IOT
1. Most important question>> If I adopt all my switched and EAP's will everything that is adopted loose all its configs?
A. Vlans? B. Static IP addresses? (Will I have to start from ground 0 and rebuild everything in the OC200 Controller?)
If rebuild has to happen, How do I go about doing this?> implement Vlans in OC200 <Link Documentation Please> and leave Pfsense Firewall/Router in place.
Thanks for any and all HELP!!
Big_12ms
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi@bigal_12ms,
Yes, you will lose all settings, because the controller will erase all settings once it adopts your devices. It is recommended that you can do the pre-configure on the Controller, and then connect all devices.
How to configure Multi-Networks & Multi-SSIDs on Omada SDN Controller
- Copy Link
- Report Inappropriate Content
Thanks for the reply @Hank21 .
Ok I have pfsense AS FIREWALL / ROUTER handling DHCP PLUS THE VLANS. This is my head scratcher. How do I keep Pfsense working Dhcp and use the OC200 contoller/Vlan setup.
That's sounds crazy I'm sure. I'm really into Making this work but still cant wrap my upstanding around it.
- Copy Link
- Report Inappropriate Content
It's not that crazy, but you will have to manually replicate in the Pfsense what the controller would have configured in a managed TPlink router. In your case it's the other way around, based on your config of the Pfsense router, you need to build a mirror image of that in the controller, so you define all your subnets, all your VLANs, ACLs etc. However, you can ignore the WAN settings, the DHCP and IP reservations, port forwarding/DMZ, etc that would get pushed to the Omada router's config. In short, you just need enough base config in order to re-establish your current functionality in your Omada switches and APs. Going forwards, if you make a change, say to add an SSID and subnet/VLAN, you will need to do that in both the controller and on your Pfsense.
- Copy Link
- Report Inappropriate Content
Thanks for taking the time to reply @d0ugmac1 .
I will working on your solution today a little at a time. May have a few Questions along the way Today. Please understand there is no rush to reply. If I get stuck . I have a work around in Place to keep all connections up and running without VLans. My ISP created a DHCP by pass just in case I BREAK my Network.
Thanks Again @d0ugmac1
Big_12ms
- Copy Link
- Report Inappropriate Content
You can adopt 1 device at a time. So you can 'test' your overall config on less critical parts of your infrastructure first and work your way up to the main distribution switch. Personally I'd start out with a single AP and see if it performs the same after adoption as it did in standalone (this will test your config of LAN subnets and assigned VLAN, as well as your SSID definition and VLAN mappings). You may want to read up on 'Management VLANs', but at least understand the default mgmt vlan is 1, so don't use that for other services/subnets.
If you are super paranoid, you can take a standalone backup each device before you adopt it :)
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
A firmware update would reset the AP to it's default state. Did you backup and then restore each APs config? Is your controller on a 192.168.0.X/24 subnet...because that is where all the firmware updated APs will be.
- Copy Link
- Report Inappropriate Content
The Controller was the only piece that updated. I can still logging to each EAP change whatever. I just cant see them in the Controller to adopt those ANYMORE.
Vlan 100.xxx and Vlan 50.xxx.
TALK more tomorrow.
Big_12ms
- Copy Link
- Report Inappropriate Content
The default for the Management VLAN is untagged and belonging to subnet 192.168.0.0/24. You need to make sure that the switch ports that the OC200 and APs are connected to are members of VLAN 1 and that their PVID is VLAN 1 (ie VLAN 1 is untagged on those ports), and for the AP ports, you want to make sure that they are also members of VLAN 50 and VLAN 100 (tagged).
When debugging, I typically plug my laptop into one of the OC200 ports and use the other port to connect it to the upstream switch or router. I then validate what IP my laptop has and what IP the controller gets. Then I try to reach the device I would like to managed...first determine its IP (pfsense list of connected devices?) and then if I can reach it via ping. If the IP of the controller is different from the AP, then I need to change the PVID of the AP switchport to be the same as that of the controller.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1878
Replies: 27
Voters 0
No one has voted for it yet.