VLANs/Networks on AP7

Follow

Eric Sather

• January 21, 2025 20:43

So I have a Gold Pro set up with WAN in port 1, AP7 in port 2, Omada AP in port 3, and a switch in port 4. When I went to set up the AP7 I added the Wifi networks (four of them) but when I go to create a wifi network, no matter what I do only LAN 1 and Cameras show up.

So it seems to only allow using networks assigned to port 4 in my case? If I only assign Guest, Heric, and IoT to port 2 (where the AP7 is plugged in) it doesn't even find the AP7. 

 

 

1

• 

  Eric Sather

  • January 21, 2025 20:44

  Just to add to this LAN 1 is the only one set as network type LAN, the others are set as a VLAN. I'm guessing that's part of what's coming into play although not sure why. 

  0

  Comment actions Permalink
• 

  Firewalla

  • January 21, 2025 20:58
  • Edited

  Firewalla AP units need to connect to a physical port with default VLAN as a network. I don't see your port 2 or 3 has a default network, if you create one there (bridged 2/3, like your VLANs), then it should see all the VLAN's. 

  This is the reason you plug AP7 it only sees the Camera VLAN. 

   

  0

  Comment actions Permalink
• 

  Eric Sather

  • January 21, 2025 20:59

  Wouldn't LAN 1 being on the port count as a default network?

  0

  Comment actions Permalink
• 

  Eric Sather

  • January 21, 2025 21:08

  Doing this "fixed" it but Don't understand why 1. Omada AP was just fine without this config. 2. Why do I have to add my Wireless VLANs to my wired LAN port when they will never be used there and shouldn't be allowed on there. 

  In the firewalla world is network type "LAN" vs "VLAN" just referring to default VLAN?

   

  

  0

  Comment actions Permalink
• 

  Firewalla

  • January 21, 2025 21:18

  If you connect the AP7 to a port on the Firewalla, AP7 will see the main network there and all the VLANs on that port. The is pretty standard when you connect anything to a trunk port. 

   

  0

  Comment actions Permalink
• 

  Eric Sather

  • January 21, 2025 21:28

  My AP7 is plugged directly into the firewall gold pro. I'm a networking/firewall sysadmin and do this for a living and have configured Cisco, Aruba, and Checkpoint networking so I do know how things work "pretty standard". What I'd expect to be able to do is per port on the firewall set the default network and any VLANs also on that port. 

  I was fine adding LAN 1 to port 2 for the AP7, I just don't understand why I have to add the Wifi VLANs to port 4.  

  0

  Comment actions Permalink
• 

  Firewalla

  • January 21, 2025 22:27

  I believe this is how the internals are bridged together. The rule is that if you plug AP7 into a port, AP7 will be able to switch traffic to all the VLAN networks configured on that port. 

  0

  Comment actions Permalink
• 

  Eric Sather

  • January 21, 2025 23:33

  So I figured it out and it's what I asked about above which is that network type "LAN" basically means default network/VLAN (although untagged which is annoying) which I can understand, but still shouldn't be necessary. 

   

   

  

  

  0

  Comment actions Permalink
• 

  Csimet

  • February 07, 2025 13:17
  • Edited

  Eric... I just stumbled across this thread and had the same issue.  I also agree with you on how Firewalla does this vs. most other network gear, but remember these are ex-Cisco engineers I think. 

  I'm a 30+ year network and data center engineer... I always had issues getting Cisco switches to play nice with the likes of Juniper and others in how they handle untagged (default) VLAN1.  ;)

  I think it was because of their CDP vs. LLDP implementations and using untagged VLAN1 as a default switch to switch communications transport means for management.

  1

  Comment actions Permalink

Please sign in to leave a comment.