TP-Link Omada on Vlan Network (not as easy as it should be)
This should be a short guide (and small rant) about the trials of setting up a TP-link Omada WIFI system on one subnet with its controller being on another.
I am doing to start off with the rant. While the setup is well documented, Its only documented on TP-link hardware, systems and terms. With me being inexperienced with network terms this made getting the Omada software on my server communicate with the AP's on a different subnet very difficult. So after combing over the settings in PFSense i eventually found the golden setting to allow my AP's to communicate with my controller. So without further ado.
Step 1 Network Set Up
To get your TP-Link Omada wireless access points talking to a controller on a different subnet we will actually need to set up a separate VLAN. This is because you need to change a setting that affects all devices on the VLAN, And as im unsure how this would affect other devices i decides it would be best to just create a new VLAN.
I previously detailed VLAN creation Here. The only change we are going to make is to one of the DHCP settings. Navigate to Services > DHCP Server then select the VLAN you created.
We need to find the "Option" setting, This will tell the AP's the controllers IP address to contact. This is at the bottom of the page and will look like below.
Like i have done add a line and add the same settings however the IP should mirror where your putting your omada control software.
After you have done this we now need to create a firewall to allow communication to happen between the controller and the AP's. Below are the ports you need to open up.
Last thing we need to do network wise is to configure the VLANS on your Switches. Once you have added the new VLAN tag to your switches we will need to configure the ports the AP's will use these will need to be configured as "Trunk", So that you can have different wireless networks going to different VLANS. You will also want 1 port configured to send untagged traffic to your "Omada" VLAN. This will be for adoption of your AP's into your network which we will go over later.
Step 2 Setting Up The Software
Before you begin you will need to have Java installed on the computer you want to use this on. You can download the Omada controller from here, Initial setup is a nice simple next, next affair.
There is a downside to the controller software though it is that it does not run as a service, Meaning you have to run it under a user after login. Once you have it running it will open up a browser window to https://127.0.0.1:8043/.
Now i could do a full guide for the software setup but this part is actually fairly well documented from the above link so i suggest you follow that. The only change i will require you to set is under Site Settings > Management Vlan
Management VLAN: Enable tick
Management VLAN ID: set to the Vlan ID you created earlier
Once you have done your initial set up we need to adopt our AP's. Get your first AP and plug it into the 1 port we configured to send untagged traffic to your "Omada" VLAN then turn it on, After a while it will appear on the below page.
Once adoption is completed you can then take your AP and move it to its final location and plug it into its "Trunk" port
After you have finished i would recommend having a poke around the settings. This should let you know about what can be set using the software and then use the setting(s) you would like to use.
Finishing up
I don't have to but i think it would be fun to enlighten you on a stupid mistake i mad by not reading the product information.
I spent around 2 hours trying to figure out why i could not get 5GHz networking working on my EAP115, Dispite there being settings for 5GHz in the Omada controller. Turns out there is no 5GHz antenna in the EAP115 this is one of the reasons its so cheap, but if your not interested in speed (which im not as i do all my big transfers over cable). this makes this AP a good deal.
After about 3 months with 2 of these devices i can say the range in my house is awesome. For reference my house has been extended a great many times meaning most of the walls are external walls making wi-fi a pain for a single point system. This is also aided by the fact the EAP115 is only 2.4GHz making it even better at penetrating walls and maintaining a connection because its not trying to hop you up to 5GHz.
The AP switching has been seamless. I have force disassociation and fast roaming enabled on my wireless network. Never have i seen the signal strength bar on my iPhone 8 Plus drop below half and have never had to stop and manually disconnect and reconnect to the network to get the right AP.
Another benefit of using a controller software is the addition of more AP's, once you adopt them all settings from the first are replicated to the second almost seamlessly so once you have your initial setup done and working the rest of the roll out is easy.