Reply

WAC510 multiple units - Wireless Bridge (WDS) and multiple VLAN

Geva
Tutor

WAC510 multiple units - Wireless Bridge (WDS) and multiple VLAN

Hello,

 

I need to make an offer for a customer, who wants to have two separeted networks (Private & Guest), on wired and wireless networks. I have created countless setups already using WAC510's cabled to managed switches and VLAN configuration. Simple and works perfect everytime.

 

Now the problem is a bit different : in the main area, it is still a classic situation : managed switch, 2 VLANs, cabled connection to a first WAC510 which gets it's packets tagged and with 2 separated SSIDs each with it's own VLAN ID. The second area is a bit further, and has a bit of reception, but the signal is getting low. There is no possibility to have a cabled connection over here. So I thought to offer a second WAC510 configured as a repeater and a Wireless Bridge (WDS) configured between the two WAC510s. Then I thought to create the two SSIDs again with it's corresponding VLAN IDs.

 

Since I had no clue if the Wireless Bridge (WDS) function also provided VLAN configuration of some kind, I started digging in the manual. Searching in this forum, but couldn't find a clear answer. 

 

There was one post that came close :

 

https://community.netgear.com/t5/Business-Wireless/Using-WAC510-as-router-and-as-repeaters/td-p/1361...

 

In the aswer of Netgear Moderator DaneA I saw following diagram;wac netgear.jpg

 

 

Following text was provided;

 

From Figure 2 above, there are 2 WAC510.  The first WAC510 (left) is configured as Base Station and the second WAC510 (right) is configured as Repeater.  In order to power up both WAC510, the PoE WAN port of each WAC510 is connected to the GS110TP smart switch that supports PoE.  

 

The ports connecting the firewall router and the first GS110TP will be configured as tagged ports so that it will become a trunk link.  The ports connecting the first GS110TP to the first WAC510 will be configured as tagged ports as well.  Tagging the ports is needed in order to identify which VLAN the packet belongs to.  The firewall router that you will use should support VLANs .  The purpose of having VLANs is to segregate networks.  As an example, two VLANs are configured on the firewall router and the first GS110TP namely: Private VLAN and Guest VLAN.  

 

Point-to-Point Wireless Bridging should be configured to connect the first and second WAC510.  The ports connecting the second WAC510 to the second GS110TP will be configured as tagged ports.  Also, both the Private VLAN and Guest VLAN should be configured on the second GS110TP. 

 

This looks promising. It's almost completely what the customer needs, exept for the wired bit in the other area. I have adjusted the diagram to his needs and added a bit color for an easier overview regarding the VLANs;

WAC-WDS-VLAN.png

 

 

Since I had 2 WAC510s lying around, I decided to set up a small test lab. Everything looked promising. Until I tried to connect to the Guest SSID with VLAN ID 2 on the "repeater" WAC510. It made the wireless connection perfectly, but couldn't get any IP address. I verified setting after setting, but couldn't get that VLAN to work at the repeater area.

 

I ended up downloading the detailed logs from the WAC510s and started digging. 

In a file called 'diagnostics', I found a section called "Bridging Tables", and I think here is the problem (the tables look the same on both sides) :WAC diagnostic.PNG

 As you can see, wifi0vap3 is indeed bridged to VLAN2 as you can see. But all available wireless bridges (WDS) are configured in bridge VLAN1. So the figure that was posted in the thread I found, isn't correct. Only VLAN1 is bridged, so the repeater WAC510 only receives VLAN1 packets. Thus explaining the situation that I could connect to the Guest SSID on wireless level, but couldn't get an IP address from this network.

 

Both WAC510s were running the latest version of it's firmware : V5.0.0.17

Everything was configured in standalone mode through the webinterface.

 

The question is of course; 

  • did I still overlook something in the end while setting up the WDS bridge or something else ? 
  • is it a bug ? 
  • did the netgear moderator post an error and isn't this possible with the WAC510 ?

I hope someone can help me with this.

 

Regards,

Geert

 

Model: WAC510|Insight Managed Smart Cloud Wireless Access Point
Message 1 of 3
DaneA
NETGEAR Moderator

Re: WAC510 multiple units - Wireless Bridge (WDS) and multiple VLAN

Hi @Geva,

 

My bad! Smiley Sad  I apologize for I was not able to correct that forum thread before.  I have deleted figures 02 & 03 of in the forum thread because wireless bridging would be applicable to one (1) VLAN only.  

 

 

Regards,

 

DaneA
NETGEAR Community Team

Message 2 of 3
Geva
Tutor

Re: WAC510 multiple units - Wireless Bridge (WDS) and multiple VLAN

Hello,

 

Then it's still a pity you can't change this VLAN independently. It's always located in the VLAN that is set up as management VLAN I suppose ? As soon as you uncheck the untagged VLAN box, you can't change anything over there. Or is it hardcoded to VLAN1 ? Pitty we only have a very limited user account to SSH. I pretty sure that with root access, one could change the bridgingtable manually, without the gui to have the required functions.

 

Aside from that; if it's not possible with this product as is, then that's clear (a bit of a pity, because I bought these personally a while ago, assuming this was possible with the WAC510). But with which product can we provide this functionality ? 

 

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 3346 views
  • 1 kudo
  • 2 in conversation
Announcements