Home Network Community > Deco > Deco X50 guest wifi - no internet access
< Deco

Deco X50 guest wifi - no internet access

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Deco X50 guest wifi - no internet access

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Deco X50 guest wifi - no internet access
Deco X50 guest wifi - no internet access
2022-05-31 18:16:16 - last edited 2022-06-01 09:32:19
Model: Deco X50  
Hardware Version: V1
Firmware Version: 1.0.8

Hi all,

 

I recently purchased a set of 3 Deco X50 units and they work really well!

 

I'm running them in AP mode (because my ISP modem/router doesn't support modem-only mode, and it includes a proprietary VoIP adapter that provides our landline telephone, so can't easily be removed).

 

The Decos all connected via ethernet into a TP-Link unmanaged switch. The router is a Sky SR204 with DHCP enabled and WiFi disabled.

 

I've just tried to set up the Guest WiFi and while it works, if I select to 'Isolate From Main Network', the guest network can no longer see the internet.

 

I appreciate that this isn't using VLANs, or a different subnet, but is someone please able to explain how the guest network becomes isolated, and also why it can't see the internet?

 

Many thanks,

Dean

 

 

  1      
 
  1      
 
#1
Options
1 Accepted Solution
Re:Deco X50 guest wifi - no internet access-Solution
2022-06-01 07:44:00 - last edited 2022-06-01 09:32:19

  @greendragon 

Thanks for the feedback.

I haven't seen similar feedback on the Deco X50 before and could you please help me check the following information:

1. Do you have a customized DNS server in the LAN network?

--Normally without additional settings, the LAN IP address of the main router would be the default LAN DNS server. And if there is a separate LAN DNS server, it might be considered the host device and separated from the guest network.

2. Could you please check whether the guest devices are able to get the correct IP address and ping 8.8.8.8/8.8.4.4?

 

Thank you very much.

Best regards.

 

--------------------------

Deco X50-PoE is ready for your advice. If you are interested, please help us complete the following survey.

Deco X50-POE Survey

 

Check What's Currently Going on With DecoDeco Wi-Fi Heatmap ready for Test!
Recommended Solution
  1  
  1  
#2
Options
3 Reply
Re:Deco X50 guest wifi - no internet access-Solution
2022-06-01 07:44:00 - last edited 2022-06-01 09:32:19

  @greendragon 

Thanks for the feedback.

I haven't seen similar feedback on the Deco X50 before and could you please help me check the following information:

1. Do you have a customized DNS server in the LAN network?

--Normally without additional settings, the LAN IP address of the main router would be the default LAN DNS server. And if there is a separate LAN DNS server, it might be considered the host device and separated from the guest network.

2. Could you please check whether the guest devices are able to get the correct IP address and ping 8.8.8.8/8.8.4.4?

 

Thank you very much.

Best regards.

 

--------------------------

Deco X50-PoE is ready for your advice. If you are interested, please help us complete the following survey.

Deco X50-POE Survey

 

Check What's Currently Going on With DecoDeco Wi-Fi Heatmap ready for Test!
Recommended Solution
  1  
  1  
#2
Options
Re:Deco X50 guest wifi - no internet access
2022-06-01 09:31:56

 Hi @David-TP,

 

Many thanks for coming back.

 

I was actually typing a reply as your message came in - I'd been thinking this was a DNS-related problem from further reading on the community overnight (and some testing).

 

I've found that I can ping the internet fine, and if my device has cached a DNS response, it can also access that website. It can't resolve new domain names though, so DNS is almost certainly the culprit.

 

I don't have a separate DNS server on the LAN, but I do have a firewall that filters DNS traffic - this is likely causing the problem. The device I use is a Firewalla Purple in bridge mode between my main TP-Link switch (that the Decos are connected to) and my ISP router.

 

The Firewalla intercepts DNS requests, and has features to stop DNS traffic circumventing it, so is likely stopping the guest DNS reaching the DNS server on the router. The Firewalla also has it's own IP address, so I guess the Decos are assuming that it's a device on the host network and therefore (very cleverly, I must say) isolating it from the guest traffic.

 

Apologies for troubling you on this - I wasn't sure how the guest mode routed the traffic, but I understand much more about it now, thank you. I'll try adjusting settings on the firewall to either allow the guest DNS through - or somehow resolve it for the guest network. I'll report back when I've made some progress.

 

Thanks again for your help.

 

Best regards,

Dean

  1  
  1  
#3
Options
Re:Deco X50 guest wifi - no internet access
2022-06-10 10:55:42

Hi @David-TP,

 

Just a follow-up: am I right in thinking that the X50 device isolation filters traffic at layer 2 (MAC address), rather than IP address?

 

I ask because I can see DNS responses (with wireshark) coming from my router/gateway IP address (192.168.0.1 in my case), but these don't reach the client with device isolation enabled. 

 

The reason, I believe, is that despite the DNS response having the gateway/router IP address, the packet has my firewall's MAC address.

 

My firewall (Firewalla Purple) sits inline between the ISP router and the Deco units. It intercepts DNS from the network to filter malicious/unwanted material, but the network 'sees' it as a DNS response from the ISP router.

 

Not a problem if that's how it works, but I wanted to make sure I understand why it isn't working - and to mention it in case anyone else has a similar setup.

 

Thanks again,

Dean

 

  0  
  0  
#4
Options

Information

Helpful: 1

Views: 2652

Replies: 3

About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.