VLAN Wi-Fi AP not getting DHCP addresses

DominikHoffmann

@viragomann: That may be it! I’ll fix it and then will have my client check it out.

Back a few hours later, correcting the VLAN IDs did not fix the issue. Here is the corrected configuration:

Jarhead

@DominikHoffmann You haven't posted the switch config, could it be using the wrong tags as well?
Also, I just returned a 356-FIT AP. If you need mDNS for anything on wifi, you're gonna have problems. Was working with their tech support for over a week and they acknowledged the problem, but didn't really seem into wanting to fix it.
Couldn't deny it with all the tcpdumps I gave them showing no responses, but just kept telling me to try a different setting, that we already tried before.
Finally gave up and went with a Unifi AP.

DominikHoffmann

This post is deleted!

DominikHoffmann

@Jarhead: Are you referring to Interfaces → Switch → VLANs? That configuration screen is the first one posted. If you mean something else, what exactly. I am probably missing something, which could be the nexus of the situation.

Jarhead

@DominikHoffmann
Sorry, just reread the initial post, you wrote Netgate, I read Netgear.

All vlans are on one physical port, are you plugging the AP directly into that port?
No wired access? Just wifi?

You may want to try a switch to see if you can access the vlans wired first, then try the AP. Like I said, I had issues with that model, who knows what else doesn't work on it?

DominikHoffmann

@Jarhead: On my MacBook Pro I can define an Ethernet interface that is tagged with the same VLAN ID. That would be the easiest way to test, whether my problem arises from the use of the EWS356-FIT.

On my own network I use a constellation of four EnGenius EWS357AP APs with Ethernet backhauls. They have no problems with either mDNS (ours is a 95% Apple ecosystem household) or VLANs.

And, yes, the AP that is the subject of this thread is connected to the physical LAN port of the Netgate 1100 directly through an Ethernet backhaul, albeit with a PoE injector in between.

DominikHoffmann

So I set up my MacBook Pro with an Ethernet interface responding to VLAN ID 35 tagged traffic and connected it to the physical LAN port of the Netgate 1100. It did get an IP address assigned via DHCP. However, it did not have access to the internet. My conclusion is that it’s not the access point but my configuration of the Netgate appliance, probably the firewall rules.

DominikHoffmann

This post is deleted!

Jarhead

@DominikHoffmann But now you're getting an address and you weren't before, so there's something else going on too, right?

Just disable all rules except the last then test.

DominikHoffmann

@Jarhead: See my last post in a thread specifically about the firewall rules from this interface. The problem had been in the DNS rules for this interface’s firewall.