Omada Hardware Controller showing WIFI clients on LAN Wired Network
Omada Hardware Controller showing WIFI clients on LAN Wired Network
Hi,
I have get issue in my Omada VPN ER605 and Hardware Controller OC300 1.0 (Firmware Version 1.14.7 Build 20221206 Rel.60706)
the problem we are facing my clients that are connected to WiFi EAP. But the controller software says they are connected to my Lan (TL-R605)
and the EAP which we are using all connected through the CAT 6 Cable due to this problem Im facing a lot problem in Voucher Portal even for
clients
the measure problem is the WIFI is connected through the client mobile but internet is not working even the mobile is showing good WiFi Signal but
when you just check the ip address on the Omada Portal its showing 2 clients on one ip so I don't why the Omada Controller issue the one ip address
on two Clients
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @AnnusKhan
Thanks for posting in our business forum.
AnnusKhan wrote
Thank you Clive for your reply
the problem we are facing has been fixed by my team, after changing of VPN router and we do not get any "unauth" error in Captive Portal right now
but after this, we just getting another problem which I highlighted before to @d0ugmac1 that some wireless Client is showing on the wired Network
this is happening after we just replaced the VPN router, we don't have any problem like this before , so look into this matter and let us know about
the solution because due to this situation we have getting internet problems to clients.
VPN_R: ER8411 v1.0
Firmware Version:1.1.0 Build 20230705 Rel.64091
Omada_CN:OC300 1.0
Firmware Version:1.19.3 Build 20230906 Rel.38429
we have a total 8 sites, and only in 2 sites we are getting this problem even though the configurations of all site is the same
All sites we are having the same VPN_Routes and Omada_Controllers
Do you apply the Omada switches and EAP in your setup? I mean all of the devices are Omada?
Picture shows that they are wired to the port, and do you have another switch or AP cascade on the Omada switch? If yes, that might display incorrect devices due to other brands' networking devices.
- Copy Link
- Report Inappropriate Content
Thank you for the solution, the problem has been fixed by the team
Yes @Clive_A there is some unknown access point connected throught the Omada swtich
so when the client is connected through Unknown AP the omada_CN showing clients on the wired network
now the problem is fixed
Thank you so much for your support.
- Copy Link
- Report Inappropriate Content
Which EAP models are you using?
Are they all wired back to switches, or are some of them meshed?
If meshed, do you ever connect anything to the ethernet port of the wirelessly linked AP?
What firmware version are the EAPs running?
- Copy Link
- Report Inappropriate Content
I have total 72 EAP which are as followes:
EAP225(EU) v4.0 X 41 - (Firmware Version: 5.1.0 Build 20220926 Rel. 62456)
EAP 225(EU) v5.0 X 3 - (Firmware Version:1.1.3 Build 20230224 Rel. 48254)
EAP245(EU) v3.0 X 28 - (Firmware Version:5.0.6 Build 20220429 Rel. 44315)
All EAPs are connected with wire (POE) going back to switches (in total 15 switches).
TL-SG2428P v1.0 X 1 - (Firmware Version:1.1.7 Build 20221130 Rel.42340)
TL-SG2210P v3.20 X 14 - (Firmware Version:3.20.8 Build 20221130 Rel.42340)
In addition i am using VPN- Model: ER605 v1.0 (Firmware Version:1.2.1 Build 20220512 Rel.76748)
and hardware based controller OC300 v1.0 (Firmware Version: 1.14.7 Build 20221206 Rel.60706).
- Copy Link
- Report Inappropriate Content
Thank you. Can you also expand the fields and provide a new grab showing all columns? Enable that here (click the 3 vertical dots to the right of ACTION, then select All Cols)
Can you also provide all your LAN subnet defintions?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Ok, that is a lot of moving parts!
Some initial thoughts:
1. I would separate out the device LAN from the user LAN. Maybe keep 134.1.1.0/24 (VLAN 1) for your devices and use 134.1.4.0/16 (VLAN 4?) for your users?
2. Those ARE your IPs, ie you are located in Bremerhaven right? If so, all the more reason to separte the users from the network devices ;)
3. If any of those AP were to become logically 'disconnected' from their wired switch but remain powered, they could mesh themselves. Spanning tree hiccup?
Maybe just turn that option off in the controller since you aren't planning to use it
4. Also, are you using the second port (or maybe have students decided to use?) in the EAP245's?
Daisy chaining can often confuse the controller in terms of where the traffic is actually coming from
5. You could check the controller event logs (you may need to tweak the verbosity level) and scan them for details of how and when 'LAN' connected users join
- Copy Link
- Report Inappropriate Content
There is also some beta firmware that fixes some DHCP bug which may be relevant to your case.
https://community.tp-link.com/en/business/forum/topic/600702
This might cause a loss of synchronization between the DHCP server and the IP assigned if under heavy load.
Last point, the ER605v1 seems woefully underpowered for the size of your deployment. I would have though the 7206 at a minimum?
- Copy Link
- Report Inappropriate Content
Thank you for your suggestions,
1. I would separate out the device LAN from the user LAN. Maybe keep 134.1.1.0/24 (VLAN 1) for your devices and use 134.1.4.0/16 (VLAN 4?) for your users?
I will separate the Devices and clients.
2. Those ARE your IPs, ie you are located in Bremerhaven right?
Located in KSA (Saudi Arab) :)
3. Done, Mash disable.
4. Daisy chain
No, all APs are directly connected to switches with POE
5. You could check the controller event logs (you may need to tweak the verbosity level) and scan them for details of how and when 'LAN' connected users join
Noted
- Copy Link
- Report Inappropriate Content
There is also some beta firmware that fixes some DHCP bug which may be relevant to your case. https://community.tp-link.com/en/business/forum/topic/600702
This might cause a loss of synchronization between the DHCP server and the IP assigned if under heavy load.
I think i should wait of stable version because i have almost 750 clients, cannot afford network down :P
Last point, the ER605v1 seems woefully underpowered for the size of your deployment. I would have though the 7206 at a minimum?
I have 7206 i will try to change it, however last time when i change controller i face the issue that Access points starts adopting and connecting (back and forward)
- Copy Link
- Report Inappropriate Content
For the swap over, please keep in mind that you can have exactly 1 (active) router per Site in Omada controllers.
You should be able to do a relatively clean swap over (though there will be at least 5-10min of connectivity outage for users) over if you:
1. Using a laptop, factory default the ER7206 and then apply the latest firmware (1.3.0 at this time)
2. Connect ER7206 LAN port to same switch as ER605 LAN port is connected and power it up
3. Verify you can see ER7206 discovered in the Controller and it is ready to be Adopted
4. Power down ER605
5. Adopt ER7206
6. Move WAN connection from ER605 to ER7206
7. Validate connectivity.
If anything goes horribly wrong, power down ER7206, move WAN cable back to ER605 and power ER605 back up.
- Copy Link
- Report Inappropriate Content
Hello, I hope you are OK, can you tell me how we can create a 2 VLAN policy in the Omada hardware controller, as per your suggestion we want to make two policies on the same network group one is for the Devices and another for the Clients, we have done all thing which you have recommended to us, but we are facing the same issue that the WIFI clients showing on the Lan wired Network.
The second thing we are facing is some problems with our client's getting a notification on their mobile phone like (Obtaining their IP address...) so that time they don't get the Ip address from the VPN router and we don't have any solution for that even we have just tried to forget it and reconnected again but the problem is still same only we can resolve this issue by restarting the whole system by the power.
I just share with you some pictures from the client's mobile phone have a Look
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2453
Replies: 17
Voters 0
No one has voted for it yet.