Home

Forums

Stories

Knowledge Base

Business Community > Wireless > EAP670: Help of AP Isolation / workaround?

< Wireless

EAP670: Help of AP Isolation / workaround?

EAP670: Help of AP Isolation / workaround?

EAP670: Help of AP Isolation / workaround?

2025-08-29 07:30:00 - last edited 2025-09-01 03:19:43

Posts: 3

Helpful: 0

Solutions: 1

Stories: 0

Registered: 2025-08-29

EAP670: Help of AP Isolation / workaround?

2025-08-29 07:30:00 - last edited 2025-09-01 03:19:43

Tags: #Network Connectivity

Model: EAP670

Hardware Version: V2

Firmware Version: 1.0.4 Build 20240314 Rel. 53356(5553)

Hello everyone,

I am revamping my home networking through a Firewall Appliance, and the EAP670 to provide wireless access. The router has four devices: WAN, the AP (.2), my old router (.9) and my NAS (.10). The router has no problem talking to any device on the entire network, wired or wireless. Wireless devices connected to the EAP670 cannot ping, or in any other way reach .9 and .10.

After much troubleshooting, it appears that the EAP670 is isolating the wireless network. I believe I went through every setting and found no way to turn off this behavior. I SSHd into the router, but apparently the user account can't really change anything - can't even ping!

My questions:

- Can someone confirm this is standard behavior for this AP? And specifically that there is no way to turn this off?

- Any workarounds? (e.g. root access to the AP? Alternate firmware?)

Thanks in advance for your help. The EAP670 is giving me the best wireless I've had at home, but the inability of wireless clients to directly access LAN services is more than a little annoying.

Dion

0

0

#1

1 Accepted Solution

LV1

2025-08-29 18:06:34 - last edited 2025-09-01 03:19:43

Posts: 3

Helpful: 0

Solutions: 1

Stories: 0

Registered: 2025-08-29

Re:EAP670: Help of AP Isolation / workaround?-Solution

2025-08-29 18:06:34 - last edited 2025-09-01 03:19:43

So, I answered my own question - I came up with a good workaround. Actually I wouldn't even it call it that. So in case anyone else later on has the same question...

My fix was to make the wireless clients its own subnet.

- I removed the ethernet port the AP is attached to from the LAN bridge and assigned it an IP.

- Ran DHCP in a different subnet from that port

- Set up firewall rules to allow traffic from the new subnet into the LAN

Works well. I got all I need.

Thanks!

Recommended Solution

0

0

#2

3 Reply

LV1

2025-08-29 18:06:34 - last edited 2025-09-01 03:19:43

Posts: 3

Helpful: 0

Solutions: 1

Stories: 0

Registered: 2025-08-29

Re:EAP670: Help of AP Isolation / workaround?-Solution

2025-08-29 18:06:34 - last edited 2025-09-01 03:19:43

So, I answered my own question - I came up with a good workaround. Actually I wouldn't even it call it that. So in case anyone else later on has the same question...

My fix was to make the wireless clients its own subnet.

- I removed the ethernet port the AP is attached to from the LAN bridge and assigned it an IP.

- Ran DHCP in a different subnet from that port

- Set up firewall rules to allow traffic from the new subnet into the LAN

Works well. I got all I need.

Thanks!

Recommended Solution

0

0

#2

2025-09-01 03:19:39

Posts: 3991

Helpful: 407

Solutions: 1342

Stories: 0

Registered: 2024-06-22

Re:EAP670: Help of AP Isolation / workaround?

2025-09-01 03:19:39

Hi @DionHouston

Thanks for the sharing.

APs are purely Layer 2 devices. Under normal circumstances and without special configurations, they allow mutual communication by default.

The behavior you're observing suggests that your firewall or router might have some form of isolation mechanism enabled.

Wish you a happy life and smooth network usage! >Omada US Enterprise Beta Program Launch< >Get the Latest Omada SDN Controller Releases Here< >Experience the Latest Omada EAP Firmware<

0

0

#3

LV1

2025-09-07 07:22:09

Posts: 3

Helpful: 0

Solutions: 1

Stories: 0

Registered: 2025-08-29

Re:EAP670: Help of AP Isolation / workaround?

2025-09-07 07:22:09

@Vincent-TP Thank you for your input. I took a look again, and the situation was more complex than I stated before.

I'm not super smart on networking, but it seems that when I bridge the router port the AP is on, the wireless clients appear to be outside the bridge, even though they're on the same subnet, and receive DHCP with no problem. What I ended up doing was taking the other two ports, bridging those, and put them on a different subnet, and now everything works with everything.

I'll probably take another look some other time, but this seems to work OK. It's now my NAS that's on a separate subnet instead of all my wireless clients which works better.

Thanks for leading me in a better direction...

0

0

#4