I received a new switch that is compatible with Omada Controllers. This is how I made it my ‘Main Switch’ and swapped out the old non-compatible switch.
Hardware
- New Switch: TP-Link TL-SG2008P
- Old Switch: TP-Link TL-SG108PE
- APs: TP-Link EAP245 V3
My Omada Controller is running in a Virtual Machine on my Server.
Existing Setup
Omada
Inside of Settings > Wireless Networks > WLAN, I have two entries:
- Loading..., VLAN 1 (Default)
- IoT, VLAN 10
Inside of Settings > Wired Networks > LAN, I had one entry:
- LAN, interface, VLAN 1
- IoT, interface, VLAN 10
Switch
I have both APs connected to Port 1 & 2 on the TL-SG108PE, Port 8 going to pfSense and other misc Ethernet connections on some other Ports. I have previously attempted to get VLANs working with Omada & pfSense, so the 802.1Q VLAN settings were currently at:
VLAN ID | VLAN NAME | Member Ports | Tagged Ports | Untagged Ports |
---|---|---|---|---|
1 | Default | 1-8 | 1-2, 8 | 3-7 |
10 | IoT | 1-2, 8 | 1-2, 8 | |
Warning: These settings were a working checkpoint: Default worked. Something was wrong with IoT. It might have been the pfSense settings; I’m just not sure. I thought I’d mention that in case somebody decides to use that.
Initial Attempt
My first attempt was to plug and play, a 1-to-1 replacement. This did not work as the controller would not accept the Access Points and one of two things would happen:
- The Access Point would say “Disconnected”
- The Access Point would get stuck in the “Adopting” state
Either way, I found that the Access Points could not be pinged while attached to the new switch. As it was getting late, my temporary fix was to plug in my APs to the old switch and plug the old switch into the new switch.
Trial and Error
I narrowed down the problem to the VLANs, but I was unable to revert everything back to a non-VLAN setup from before my previous attempt. Through Googling, I found a tidbit that mentioned that Omada doesn’t handle untagged traffic very well. That person was suggesting moving everything to a VLAN so that all traffic was being tagged, but that’s a radical change for my network and would screw up my Home Assistant.
Port Profiles
Port profiles are the root of the problem. Unlike my previous switch that let me explicitly tag ports with VLANs, the Omada software doesn’t allow that to happen with the new switch. Instead there is a Native Network (untagged) and then Tagged Networks (tagged). There must always be a Native Network and the Native Network cannot also be put into the Tagged Networks.
Dummy VLAN (Solution)
To get around this I made a dummy VLAN that can be used as a Native Network, which would allow me to tag all my actual traffic.
Creating
- Settings > Wired Networks > LAN: Create New LAN
- Name: AP
- Purpose: VLAN
- VLAN: 4090
- Save
Profile
- Settings > Wired Networks > LAN > Profile: Create New Port Profile
- Name: Access Point Port
- Native Network: AP
- Tagged Networks: LAN, IoT
- Save
Setting Profile
- Devices > SG2008P > Ports
- Click the Edit Icon in the Action column for the correct port
- Profile: Access Point Port
- Apply
After being applied, the Access Points immediately snapped on!
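The native/tagged split described under Port Profiles, and what the dummy VLAN changes on the wire, as an added Python model (not Omada's or the author's code). It applies standard 802.1Q tagging to the VLAN IDs from the post; the `lan_native` comparison profile, the sample frame and the function names are constructed for illustration, and the ingress rule is a simplification of real switch filtering.

```python
import struct
from dataclasses import dataclass

TPID = 0x8100  # EtherType that marks an 802.1Q tag

@dataclass(frozen=True)
class PortProfile:
    name: str
    native: int          # Native Network: VLAN carried untagged
    tagged: frozenset    # Tagged Networks: VLANs carried with a tag

    def __post_init__(self):
        # Rule from the post: the Native Network cannot also be tagged.
        if self.native in self.tagged:
            raise ValueError("Native Network cannot be in Tagged Networks")

def egress(profile, vlan, frame):
    """Bytes the port puts on the wire for an untagged `frame` in `vlan`."""
    if vlan == profile.native:
        return frame                                  # sent as-is
    if vlan in profile.tagged:
        tag = struct.pack("!HH", TPID, vlan)          # PCP/DEI bits left at 0
        return frame[:12] + tag + frame[12:]          # after dst + src MAC
    return None                                       # port is not a member

def ingress(profile, wire):
    """VLAN the port assigns to a received frame, or None if filtered."""
    ethertype, tci = struct.unpack("!HH", wire[12:16])
    if ethertype != TPID:
        return profile.native                         # untagged -> native
    vid = tci & 0x0FFF                                # low 12 bits = VLAN ID
    return vid if vid == profile.native or vid in profile.tagged else None

LAN, IOT, DUMMY = 1, 10, 4090                         # VLAN IDs from the post
# Constructed comparison profile: LAN left as the Native Network.
lan_native = PortProfile("LAN native", LAN, frozenset({IOT}))
# The profile built in the post: dummy VLAN native, real networks tagged.
ap_port = PortProfile("Access Point Port", DUMMY, frozenset({LAN, IOT}))

# Constructed frame: broadcast dst, made-up src MAC, IPv4 EtherType, padding.
FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0800") + bytes(46)

if __name__ == "__main__":
    for p in (lan_native, ap_port):
        for vlan in (LAN, IOT):
            wire = egress(p, vlan, FRAME)
            kind = "untagged" if wire == FRAME else f"tagged, VID {ingress(p, wire)}"
            print(f"{p.name:18} VLAN {vlan:>2}: {kind}")
```

With the dummy VLAN as native, both LAN and IoT leave the port tagged, and any untagged frame arriving on it lands in VLAN 4090 rather than on the LAN.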
Conclusion
This was way more fiddly than it should be. I 100% understand that untagged traffic should automatically go to the Default LAN, but clearly that isn’t happening. Maybe I did something wrong in my previous attempt; I really have no idea. But! Through all of my trial and error, my WLANs and VLANs are now working, so now I can start separating my IoT devices!