Reply

Re: Android Apps cannot reach IoT devices correction

ShannonC
Tutor

Android Apps cannot reach IoT devices

I just installed Orbi Pro Wifi 6. I have enabled all 4 SSIDs (default, employees, IoT, guest) and have setup devices in each.

Pulling my hair out trying to get everything working. I am having the following issues:

1. Android devices, computers cannot find HP Envy printer/scanner. Device is on IoT VLAN.

2. Roku App cannot find any Roku devices (we have 5). Devices are on IoT VLAN

3. Hubitat Elevation hub cannot be found via phone, computer. Device is on switch with IoT VLAN Profile

4. Wemo light switches, dimmers, and plug keep dropping off of the network and have to be factory reset to rejoin IoT VLAN

5. Wemo app can only see devices if Android phone joins IoT SSID.

 

I am not a network administrator, but understand VLAN concepts. I was an IT security professional (retired now).

 

Could I get some assistance from those familiar with Orbi Pro and VLAN configurations so I can solve these issues please?

 

Orbi Pro Configuration:

Latest firmware in use.

1 router, 2 satelites

 

2.4 and 5 Ghz are split on SSIDs IOT, Employee, Guest

 

1 PC wired to Sat 1

2 PC wired to Sat 2

 

SSID 1 is reserved for my laptop for management. - Default VLAN Profile, Client and Network isolation is off. Trunk is set.

SSID 2 has only computers, phones, and other user end points - Employee VLAN, Network isolation is on. Trunk is set.

SSID 3 has home automation, security, and print/scan devices - IoT VLAN, Client  and Network isolation is on. Trunk is set.

SSID 4 has only a phone for testing - Guest VLAN, Client and Network isolation is on. Trunk is set.

 

VLAN Bridge/Tagging Group is setup with VLAN 1 only. No other group.

 

Orbi Pro to Spectrum Modem - Port 1 - Trunk, Default VLAN Profile

Orbi Pro to Fingbox v1 (old) - Port 2 - Trunk, Default VLAN Profile

Orbi Pro to Netgear switch - Port 3 - Trunk, IoT VLAN Profile

Orbi Pro to Fingbox v2 (new) - Port 4 (am comparing new to old) - Trunk, Default Profile

 

The Netgear switch on port 3 is an unmanaged 16 port switch. Connected to this switch are my home entertainment, Home Automation hubs, Security, and NAS storage devices: Yamaha home entertainment, Tivo DVR, Roku Ultra, Tablo DVR, Harmony Hub, Hubitat Elevation Hub, QNAP NAS, Eufy Home (storage & control of cameras and videos). 

Message 1 of 7

Accepted Solutions
ShannonC
Tutor

Re: Android Apps cannot reach IoT devices correction

Correction

 

Port 3 is IoT VLAN Profile with Access set not Trunk.

 

 

View solution in original post

Message 2 of 7

All Replies
ShannonC
Tutor

Re: Android Apps cannot reach IoT devices correction

Correction

 

Port 3 is IoT VLAN Profile with Access set not Trunk.

 

 

Message 2 of 7
BruceGuo
NETGEAR Expert

Re: Android Apps cannot reach IoT devices correction

If wireless Android phone can discover wired IoT devices in the same VLAN profile but not able to discover in different VLAN profile. It could be:

(1) Isolation features in VLAN profiles are on

(2) IoT devices use mDNS protocol that cannot support inter-device communication  across subnets

 

If you know you hit (2), see if you want to try trial firmware that support mDNS communcation across subnet.

Message 3 of 7
schumaku
Guru

Re: Android Apps cannot reach IoT devices correction


@BruceGuo wrote:

If you know you hit (2), see if you want to try trial firmware that support mDNS communcation across subnet.


Congrats for making it happen - a mandatory feature for the intended design and usage 8-)!  Version number and availability please. Last Pro WiFi 6 firmware on the Orbi Pro (Beta) forum section dates from end of February 2021.

Message 4 of 7
ShannonC
Tutor

Re: Android Apps cannot reach IoT devices correction

Resolved: Port 3 IoT set to Access from Trunk. That was one of my problems, now resolved. Thank you!

Model: SRK60B06|Orbi Pro Tri-Band Business WiFi System
Message 5 of 7
ShannonC
Tutor

Re: Android Apps cannot reach IoT devices correction

I had to remove network and client isolation on the IoT network. This seems counter to its purpose, though. I thought the whole purpose of  an IoT VLAN was to keep devices from being used to attack other devices on the VLAN and other VLANs.

 

Model: SRK60B06|Orbi Pro Tri-Band Business WiFi System
Message 6 of 7
schumaku
Guru

Re: Android Apps cannot reach IoT devices correction


@ShannonC wrote:

I had to remove network and client isolation on the IoT network. This seems counter to its purpose, though.


if you need having local wireless devices talking to wireless IoT this is obviously prohibiting. Light switches and actuators might have certain problems under these conditions just to mention a very simple IoT use case. 8-)

 


@ShannonC wrote:

I thought the whole purpose of  an IoT VLAN was to keep devices from being used to attack other devices on the VLAN and other VLANs.


As long as each IoT works on it's own, and only talking to the Internet of course one can do this. Reality is very different from the many security theories learnt on the net, by universities, and elsewhere....

 

 

Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 1206 views
  • 3 kudos
  • 3 in conversation
Announcements