Configuration Guide How to Configure Bridge VLAN(MDUs) for Apartment or Hotel Scenarios
Background:
This post provides a configuration guide to bridge VLAN on the router to meet the requirements of the apartment or hotel room network design.
If you don't know what this bridge VLAN is for, please read this article. Enterprise Wi-Fi Solutions for MDUs | TP-Link Omada Pro
This Article Applies to:
All routers with multiple VLANs are supported.
Application Scenario:
Configuration Steps:
1. Select your Organization and choose your Site.
2. Go to Settings > Wired Networks > LAN.
3. Create a new VLAN interface. Set the VLAN Type as Multiple and specify the VLAN ID. Set other parameters according to your needs. Click Create.
In this setup, the AP is connected to the WAN/LAN5. PC is on WAN/LAN6. Yet the computer would not get an IP from the VLAN.
4. Then go to Wireless Networks > WLAN > Create New Wireless Network. Set up the parameters accordingly and click Create. Note that Guest Network is not enabled.
5. Because the multiple VLAN itself blocks the access between the VLAN range you set but it is not blocking the core network(LAN). We need to set up extra ACL rules to block access from the Room VLAN to the core network(LAN).
Go to Network Security > ACL > Gateway ACL > Create New Rule.
6. The setup is complete.
Verification:
Goal:
- VLAN between the room SSID is isolated.
- The core network(LAN) cannot be accessed.
1. Read the IP from the controller.
SSID = Room1001 IP = 10.0.0.2;
SSID = Room1002 IP = 10.0.0.3.
2. Test the isolation between the networks.
3. WIFIman and Wi-Fi Toolkit from TP-Link.
4. Test the core network cannot be accessed.
Note:
1. We recommend you set up 20 VLANs in 1 VLAN interface. If it exceeds this, you may experience some performance when the controller sends the config to the router.
2. If you want to set up the switch, you should do it from the Profile. If you have trouble with this part, please read the User Guide of the Omada Controller.
Example: This screenshot demonstrates the process of creating a new profile to include VLAN1001 to 1020. By assigning this profile to a switch port, that specific port will only receive traffic from VLAN1001 to VLAN1020. The default ALL profile will not be used on this switch port.
Update Log:
Jan 11th, 2024:
Update the format.
Recommended Threads:
Configuration Guide How to Configure WireGuard VPN on Omada Controller
Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates
Get the Latest Omada SDN Controller Releases Here - Subscribe for Updates
Feedback:
- If this was helpful, welcome to give us Kudos by clicking the upward triangle below.
- If there is anything unclear in this solution post, please feel free to comment below.
Thank you in advance for your valuable feedback!
------------------------------------------------------------------------------------------------
Have other off-topic issues to report?
Welcome to > Start a New Thread < and elaborate on the issue for assistance.
