[This article applies if you are running your Firewalla in Simple and DHCP mode only, this does not apply to Router mode in Firewalla Gold or Purple series boxes. ]
- To configure Google or nest Wifi with Gold series boxes, see Firewalla Gold Tutorial: Google Wifi or Nest Wifi Mesh network with Gold Series (Beta) or
- Google Wifi or Nest Wifi Mesh network with Purple (Beta).
We absolutely love the newer generations of meshed routers. We use them at home and at our office.
However, we have noticed some strange things happening when Firewalla connects the mesh network, such as not being able to access the internet or loading a website is very slow. This is mainly due to the conflict between satellite boxes and Firewalla. Our recommendation of the solution is, disable the monitoring of satellite mesh devices in the Firewalla app. This won't affect Firewalla's monitoring of devices that are connecting to the satellite boxes via Wi-Fi.
If you are running the Firewalla Gold in router mode, all you need is to turn on Bridge or AP mode on your mesh. There is no need to do anything extra.
To disable monitoring of satellite devices:
- Tap on "Devices" icon.
- Find the satellite devices from the list, usually, the devices name is like "Google", "Linksys", "Orbi or Netgear", "Orbi / Orbi Pro".
- Tap on the device name, scroll down to the bottom of the page, swipe the "Monitoring" button to turn it off.
When a device's monitoring is turned off, in the device list UI, you should see a blue icon, which indicates "monitoring off", next to the device name.
Some vendor mesh routers may need additional configuration to use a certain feature, or bypass some known issue, they are listed below by vendor.
- Google Wifi
- Connectivity issue
- Use VPN Servier - Linksys Velop
- Network slowdown
- Use IPv6 - TP-Link Deco (M5)
- Eero
- Wifi Extenders in General
Google Wifi / Nest Wifi
For Google Wifi, we recommend using the DHCP mode. See this article. The workaround for Simple mode only works for some users.
If you still want to try your luck with Simple mode, try these workarounds:
Firewalla Simple mode is compatible with some Google Wifi deployments using workarounds from below. We know some Google wifi deployments will require DHCP mode instead of Simple mode.
* Note: There is quite a lot of confusion when talking about Google Wifi. Here we are referring to the latest router from Google as Google Wifi Not the older router from Google also called Google Onhub: Currently, Google Onhub is not compatible with Firewalla.
Connectivity issue:
If you are running into connectivity issues, there are several tricks you can try:
- Turn off Guest Wifi
We have recently heard one issue with Google Wifi + Guest Wifi. If you running into issues, please turn Guest Wifi off. - Turn on the Family Mode
by tapping on the family mode button. We have found google Wi-Fi built-in DNS may crash. The family mode will curcumvent this issue. We are working on a better solution. Another solution is to manually set DNS server on the device. - Changing DNS to Customized DNS
We also worked with one customer on the issue related to a slower DNS problem; if you encounter this, please do not use Automatic mode in DNS; use the option to manually give the DNS address. According to Reddit, this is a possible Google Wifi Bug.
Tutorial on How to Change Google DNS to Custom - Turn off Wifi Point Usage Stats, Turn off Google Wifi Cloud Services
- If the problem persists, try the experimental mode. In the Firewalla app, select "Monitoring", and under the mode option, select "Experimental Simple Mode".
We have one customer who confirmed this works.
To Work with Firewalla VPN Server:
To work with the Firewalla VPN Server feature, we recommend turning off its port mapping capability. Turn on UPNP feature instead. Detailed instructions are as follows:
- Turn off Firewalla monitoring globally in Firewalla App
- Open Google Wifi App, Settings → Network & General → Advanced networking, remove all
DHCP IP reservations and Port forwarding. Then turn on UPnP. - Turn OFF and ON VPN feature in Firewalla App. In this step, Firewalla will automatically create a UPnP port mapping on Google WiFI port 1194.
(Ignore "Need Manual Step" info in the app if you see it in the VPN settings page, it's a bug. Optionally you can reset the profile and password to clear the "Need Manual Step" flag.) - Test if OpenVPN works.
- Turn Firewalla monitoring back on
- Test if OpenVPN still works.
Linksys Velop
Firewalla Simple mode is compatible with Linksys Velop.
Network slowdown:
If you encounter issues with slowdowns, please turn off express forwarding via Connectivity Configuration. De-select Express Forwarding.
Use IPv6:
When the ipv6 feature is turned on, you 'may' need to disable Linksys ipv6 SPI firewall.
TP-Link Deco (M5)
Some customers have said the TP-Link Deco (M5) will work with Firewalla's Simple mode.
Eero
Firewalla Simple mode is NOT compatible with Eero v1 or Eero Pro Wi-Fi 6 units, please use Firewalla DHCP mode instead. For Eero Pro Wifi 6, please see this guide.
Eero V2 should be compatible with Simple mode.
ASUS Mesh
We have some customers reporting issues with Asus Mesh in Simple mode, and we are investigating. If you have issues with it, please let us know. If you don't have any issues with it, please let us know that too. (help@firewalla.com)
Wifi Extenders in General
These are strange beasts. We have seen these extenders remap device MAC addresses. If you have seen your device keep on changing MAC addesses or have strange devices it is likely these extenders dynamically remapping device MAC addresses. Also, it is a good practice to turn off monitoring on the extenders.
Comments
10 comments
Note that according to eero, if you use use your eeros in bridge mode they must be wired as follows:
I have orbi router with two satellites, AP mode, connected to firewall gold, can I turn off monitoring two all, orbi router and satellites? thanks!
@carlos, if you are using the Gold under router mode, you do not need to do anything special. It should just work. This document only apply to when you are using the Gold in the traditional simple/dhcp modes.
When I had Blue I turned off monitoring on eero, with Gold (in router mode) I left monitoring on for eero and it seems perfectly happy.
Do we need to disable monitoring on main mesh device too?
and do we need to disable monitoring on satellite if connected by ethernet backhaul?
Same question as @S. M.
i am using TP-Link Deco X68 and it is disrupting the internet. I have tried the simple mode, experimental simple mode, it does not work. I did switch off the monitoring for the two mesh, but I am not able to switch off the monitoring for the main router. There is no option.
@tirthankar sen
I use Linksys Velop which wouldn't work in simple mode for more than a few hours before killing the network. It only works reliably in DHCP mode.
Is your main router in the base range of IP addresses? Ie 192.168.1.x? Are your satellites in the base range or in the overlay range of IP addresses?
In my setup, the main mesh and the satellites are all in the base range. The main mesh didn't need the monitoring off, it was off by default. I've turned off monitoring on both of the satellites but it didn't seem to matter that much if the monitoring was on or off.
I have followed the above steps in order in an attempt to get my Gold working in Simple Mode with my Nest WiFi mesh (turned off WiFi AP monitoring, turned off Google logging, configured static DNS address, enabled both Simple and Experimental Simple mode). I have also disabled Advanced Security blocking.
However, all devices are suffering delayed or blocked connectivity. AppleTVs time out, web sites do not load, images in email do not load, etc.
Unplugging the Firewalla resolves the problem.
Anything I'm missing, other than the complex multi-lan workarounds? I am a network engineer, but hesitant to make my large home network even more difficult to support.
@Don, I suggest trying this https://help.firewalla.com/hc/en-us/articles/360048869274-Firewalla-Gold-Tutorial-Google-Wifi-or-Nest-Wifi-Mesh-network-with-Gold-Beta-
Please sign in to leave a comment.