Connect Wifi APs directly to router interface

aduzsardi

Hello guys,
I'm trying to figure out if this will work before trying to do it.
I have 4 physical interfaces in a bridge interface , with an IP on the bridge interface , almost all the interfaces on the lan switches are connected as access ports , untagged , VLAN 10 , with a direct uplink to this port , so that part is working.
On the bridge interface i want to add a VLAN interface  VLAN 15 for example , add a static IP to this VLAN and  connect two Ubiquiti  wireless AP's in two physical interfaces in the bridge, configured with two SSID , the default (VLAN 10) for people in the company , WAP2 Enterprise auth and all that
and another SSID in VLAN 15 ( the same as the VLAN interface on the bridge configured on the router ) for guests with limited access

Does anybody know if this setup should work ? And if yes, do i need crossover cables between the router interfaces and the AP's  PoE injector ?

thank you!

johnpoz

"On the bridge interface i want to add a VLAN interface"

Wow what a borked setup…

Why would you bridge interfaces just to add a different vlan to it?  I you need physical ports use a switch, if you need vlans use a switch that supports vlans.

aduzsardi

how else could you connect an access point with a single interface in two VLAN's directly on the router ?

we do have right now switches with VLAN support ,some cisco small business SG300-52
The problem we are having is from time to time the wifi connection just doesn't work , what i mean by that is we are able to connect to the wifi , receive IP from DHCP but can't get anywhere on the network or internet not even the default gateway , pinging any host just getting "timed out" when it happens.
We talked with Ubiquiti support told them about the issue , even showed them the configuration and they said it's correctly set up with latest firmware , so it should work :)

Now i'm just trying to rule out switches fault , basically i would like to not have to use the switches between the AP's and network .
Maybe i'm not taking the right approach but i don't know what else to do anymore , reconfigured them many times , i reset the switches to factory default , same thing happens every time.

I'm open to any suggestion if somebody has any.

Thank you

johnpoz

what AP are you using, what firmware?  There was some issues with unifi AP neg speed correctly.

You would not run vlans on top of a bridge.. If you want to connect an AP direct to a interface on pfsense sure do that, and sure you can run vlans on top of that interfaces native network.  But you would not use bridged interfaces in such a setup.

Switches fault how?  Do you have other devices having issues on the switch, did you try just changing switch ports?

You could use AP direct to the router if your going to put them all on different networks.  But if you want more than 1 device on the same network then you should use a switch.  Bridge does not a switch make that is for sure.

aduzsardi

Thanks for the quick reply ,
No we didn't have any other issues just the WiFi UniFi AP-LR , firmware version 3.7.17
At this point i'm kind of suspicious of everything  , i was thinking maybe the AP's just don't like the switches we are using :)) , since nobody on the Ubiquiti side could help us and on  their forums couldn't find anything useful or somebody having the same type of switches with the same AP''s

johnpoz

I use a sg300-10 with 3 different AP, actually 4 at one time - had the old AC Pro, then added a lite and lr of the new gen.  Then replaced the old AC with new AC Pro.  Have never had any issues with them and this sg300 switch.  Currently running 2 of the AP directly off the sg300 the pro and the lite, and then the LR is off a downstream switch netgear gs108e v3, really cheap vlan switch without any issues.  Using poe injectors on all of them.

so your running alpha controller with alpha firmware in a production setup?  You should prob back off to stable version vs running alpha stuff in production.

aduzsardi

i think i will roll back the firmware because i only updated them thinking it will solve the issues , but it didn't
i will also set the switch port from auto negotiate to full duplex and 1000mb , maybe it's as simple as that , if you say the AP's have negotiating issues although the guy from support didn't say anything about this

thank you anyhow for taking the time to discuss this with me , i hope it wasn't quite a waste of it (time)  and i will leave the pfsense firewall alone , it was a desperate move anyway :)

johnpoz

"i will also set the switch port from auto negotiate to full duplex and 1000mb"

That is a BAD idea, you should never really set gig via manual..  If it does not come up gig with auto, then there is some sort of issue that needs to be corrected not hard code.  Auto should be used for gig, who is going to be the master slave in the connection.  There is a bit more to auto neg in gig then just duplex and speed.

The issue is all over the forums..
–-
http://community.ubnt.com/t5/UniFi-Wireless-Beta/FIRMWARE-New-binaries-for-UAP-IW-and-AC-LR-AC-Lite/m-p/1641373/highlight/true#M30170

In 3.7.7 a bug was introduced to AC-Lite and AC-LR where devices wouldn't always negotiate at GbE (hardware dependent), and required manually setting the port to 100Mbps (amongst other work arounds), detailed HERE, HERE, and HERE. The fixed firmware can be found at the following link:

If your going to run beta/alpha code it would be a good idea to read the forums on what others are seeing with specific versions before you use them, especially if any sort of production setup.  I am just in a home setup, if the wireless goes a bit flaky not a real big issue.  And my controller is run on VM, takes me minutes to roll back and change the firmware to previous on the AP, etc..  I never ran into these specific problems with gig neg, but I believe it was related to hardware of the switch.  Maybe cisco wasn't having the problem??  You would have to dig in to the forum threads to find more details - I never actual saw any issues.  I don't see many of the issues reported on the forums.

To be honest I think many of the problems users see are self inflicted ;)  Bad channel selection, bad placement, not understanding the features and how to use them.  Leaving everything on auto auto and then not understanding why they might not be getting PEAK performance.  Trying to run 40mhz on 2.4 with mix devices.  Trying to run 80 in a crowded wifi scape, etc.

I have had nothing but great success with the unifi AP.  I run all 3 of the current models and run them through lots of different tests..

aduzsardi

thank you , i'm hoping i will have some time to read more about the settings and options
On the switch where the APs are connected i don't have a lot of options when i deselect "Auto" , the only options that i can modify are the speed , flow control and MDI/MDIX
Duplex and Preference mod (slave & master) are grayed out. (attached image) , also on the access points hardware specs page says that it has 1gib ethernet interface.

The people at our company are so used to the WiFi not working that they don't even bother telling us (system admins) anymore , have passed like 4 months and still no solution :)

johnpoz

That you think you switch is your problem is maybe why your having issues.

If this is production use stable version of unifi controller and firmware.  And then lets troublehoot what wifi issues your having if any.