Hi Team,

I’m facing an issue for the past 4 days and would really appreciate your help.

Setup / Topology

• Router: OPNsense

• Switch: TP-Link TL-SG1016PE

• Access Point: TP-Link EAP650

• VLAN: IoT network (VLAN ID 20)

The EAP650 is connected to the switch via a trunk port.

Issue Description

I am using an iSmartGate device and facing connectivity issues when it is connected to VLAN 20.

• Initial setup works fine on VLAN 20

• After that, the device becomes inaccessible via the mobile app

• The app shows “could not connect” even when:

  • Phone and device are on the same SSID/VLAN

  • Internet connectivity is working

After some time, the device even reboots automatically.

Key Observation

I performed packet captures and noticed:

• The device sends UDP broadcast packets to 255.255.255.255:8005

• These packets are not received by other WiFi clients (phone) on the same VLAN SSID

• However:

  • Unicast traffic (ICMP ping, DNS, internet access) works fine

  • Multicast (e.g., mDNS 224.0.0.251) appears to work

Comparison

• When the device is connected without VLAN tagging (flat network) → everything works perfectly

• When connected to VLAN 20 over WiFi → broadcast traffic seems to be suppressed

Suspected Cause

This behavior started after upgrading firmware on both:

• EAP650

• TL-SG1016PE

Based on testing, it appears that broadcast traffic between wireless clients on VLAN SSIDs is not being forwarded properly, possibly due to optimization or filtering behavior.

Request

Can someone please confirm:

1. Is broadcast suppression between wireless clients on VLAN SSIDs expected behavior on EAP650?

2. Are there any settings to allow full L2 broadcast forwarding between WiFi clients on the same VLAN?

3. Could this be a firmware regression?

I can provide full packet captures and additional logs if needed.

Thanks in advance for your help.