Apple Airport Guest wifi very slow with SG2440



  • Hello, really scratching my head here…not sure if this is a VLAN, Firewall, or other issue

    I have the following setup

    AIRPORT1————ethernet————AIRPORT2
        |
        |
    (LAN port)
        |
    PFSENSE SG2440 (2.2.1)
        |
    (WAN port)
        |
    CABLE MODEM

    I have both the main wireless network and the guest mode enabled on both Airports. Both wireless networks have been working perfectly before.

    After adding pfsense to the mix, I changed AIRPORT1 to be in bridge mode (rather than DHCP and NAT) and now I am seeing some weird behavior.

    The main wifi network works fine at full speed (100Mbps down, 35Mbps up) but the guest network only works at <1Mbps down but FULL speed up (35Mbps)!?!? (yes, I have removed pfsense to test; both wifi networks are back to full speed with sg2440 removed)

    On the SG2440, I added the guest wifi network as VLAN and added a DHCP server to that interface. The auto NAT rules are on…what gives?

    Thanks!



  • @yellowbrick:

    The main wifi network works fine at full speed (100Mbps down, 35Mbps up) but the guest network only works at <1Mbps down but FULL speed up (35Mbps)!?!? (yes, I have removed pfsense to test; both wifi networks are back to full speed with sg2440 removed)

    This is a known defect with the Airport Extreme. If you run in bridge mode, the guest network (VLAN 1003) will drop a high percentage of packets received on the ethernet destined for the wireless. Apple is aware of it, but hasn't addressed it because they say the guest network is not supported in bridged mode. Really poor position in my opinion.

    Search for Airport Extreme Guest Network Bridge Mode



  • Thank you dennypage.

    However, does it make sense that I only see the symptoms with pfsense in the mix?

    I.e. I get full speed on the guest network when I connect to AIRPORT2, which is always running in bridge mode (only AIRPORT1 changes from DHCP/NAT to bridge with the addition of the pfsense box)

    Will search as suggested…thanks again.



  • @yellowbrick:

    However, does it make sense that I only see the symptoms with pfsense in the mix?

    When you remove pfSense you are no longer processing the VLAN tag. If you put another VLAN configured switch in-between the APs, you will see the same behavior.



  • Yup, I can confirm this after wasting last weekend trying to debug it. Junked them and put ubiquiti hardware in, problem solved. Shame Apple won't fix as they are solid APs otherwise.



  • Confirmed from my side as well…I have a bunch of airports so unfortunately junking them is not an option...yet.

    My solution was to double NAT. Keep the Airport1 on with DHCP and NAT and use the pfsense box to NAT again. I know I shouldn't be doing this, but things are at least working for now.

    Thanks a ton guys!



  • @irj972:

    Yup, I can confirm this after wasting last weekend trying to debug it. Junked them and put ubiquiti hardware in, problem solved. Shame Apple won't fix as they are solid APs otherwise.

    Out of curiosity, which ubiquiti AP did you get?

    Thanks



  • UAP-AC.
    Run the unifi server in a freenas jail for logging/admin etc.
    Very easy to manage, configure guest access / throttle traffic etc.



  • I do have the same problem….sigh.....Guest network@2.4GHz wifi will never go beyond 5Mbps while I also not able to have > 10Mbps for 5GHz signal, and my WAN speed is 1000Mbps....
    At the beginning I was wondering if there is any issue with my WAN link....
    But double NAT is not an option for me, since Airport Extreme is unable to achieve 1000Mbps NAT throughput.


Log in to reply