Something "clicked" in my poor old brain while watching this. I was under the impression that I would need a second router in order to set up a sub-net; but this demo helped me understand the concept of VLAN--even though it's not a vlan tutorial. I've watched countless vlan tutorials in the past, but never really got my head around it until now. I guess I'm a slow learner, but something about Raid Owl's style works for me. 👍
I have an entire video dedicated to explaining VLANs if you wanna check that out too!
Thanks for this Raid Owl, I was able to help a small high school from a province to set up their own hotspot for students. This walkthrough is very straightforward and helped me to do all the necessary configurations with my Omada OC200 and EAP110.
😊😊😊 awesome!
The best video I have seen to understand what I needed .Thank you so much
Came across your channel. Ordered 2 AC1350's from Amazon for $60 each. Tired of these low-end routers and need the bandwidth control because of my kids, and VLAN so they don't have access to my server etc. etc. I'm excited for this step. I will order the rest of the equipment down the road, but will start small. Good video. Thanks.
I, currently, am using the 605 router with both my Starlink and my ISP. I'm looking to add a controller and access points in the near future.
I just bought a bunch of this stuff a week ago. Your Omada controller and router firmware are a bit behind in firmware revisions. Update your Omada controller first through maintenance, then enable cloud access, which will allow you to go to the device list and click the blue "check for updates" arrow on the versions field. I'm running Omada 4.4.4 and router 1.1.1 firmware. When I check my VPN settings, at the top I have a separate tab for "vpn user". Hope that helps.
Oh that does sound useful. I’ll give that a try!
I usually deploy this stuff, minus their gateway. The OMADA management is great for easy management stuff for the managed switch and APs.
So when I'm creating a new LAN I usually just go with "VLAN" as the purpose setting, since setting it to interface assumes you have an OMADA compatible firewall/router.
Hey Raid Owl, great video, thanks. I'm currently looking to upgrade my home network and I'm considering purchasing this system. A question I have is, can you add a paid VPN service (i.e. ExpressVPN, Nord, etc.) to either a VLAN, or have it configured to hide all of your home network?
Thanks for your excellent work. You make it very clear and I learnt a lot.
Awesome! I’m glad I could help
Thanks for the guide. Great work.
Regarding the ACL rules, if the EAPs are wired to the switch, switch ACL rules would apply. I have two switches and blocking VLAN communications works like a charm with switch ACL only. If an IoT client is wired it would bypass the EAP ACL rule! Source: I have wired clients on my IoT network (my smart TV).
PS: you need to upgrade your controller firmware in order for OpenVPN to work. Your setup is good: upgrade firmware, export the certificate to your client and enjoy! Just make sure to allocate a subnet that is not in use.
Do you know why I cannot access my clients in a different VLAN from the admin LAN? I like to use External Desktop from Windows across my network. So an ACL for blocking to admin is set up, but I'd like to go to my computers on other LANs. I don't get this to work; it should've been open by default.
TP-Link Omada is pretty solid for a simple prosumer setup where you want more security, SSID options, and want to implement PoE instead of taking up power outlets.
Deploying it in my parents' house because they have a lot of power outages, and the PoE with a nice sized UPS will help solve a lot of their problems and give them more security.
My only issues with Omada are the way they implement VLANs compared to Unifi and the lack of mDNS in their ecosystem (at least so far).
The VLANs are restricted both ways, as opposed to Unifi where they are restricted one way, which makes casting to a Chromecast or TV a nightmare.
I agree with you. Like I said in the video, I definitely recommend Omada to people due to the hardware implementation aspect, but for people who want serious control over their network...I'd still say run pfSense.
Hopefully the folks at TP-Link can take user feedback and implement some fixes to separate it from Unifi.
Thanks for this comment, I started looking into this and effectively the Omada solution does not have a feature to allow “reply traffic”, which Unifi does have and is super helpful when trying to isolate devices just from initiating a connection. I guess I will have to go back to my Unifi plan.
@oscarmvl Yea. It's not a deal breaker if you are setting this up for, like, your parents or a friend who don't need "super" control.
You can work around these issues by adding more SSIDs, as annoying as it is. But unless it's worth the premium of Unifi prices, Omada is still a good solution.
You may want to upgrade your controller for the VPN user configuration. On mine I see an additional tab "VPN User" next to "VPN" to add my users
Yeah someone else mentioned that as well. Thanks!
Great video! I know I’m doing something wrong but when I check off VLAN in the wireless network settings and assign to a VLAN, devices won’t connect to it. If I uncheck VLAN devices then connect. I even assigned to default VLAN and still no connection. It’s just the EAP670 connected right to the ER605. Sure I’m missing something if you have any ideas. Appreciate the videos very helpful and well done. 👍
Greetings: My setup has
1) Router TL ER7206 (with 2 internet vendors)
2) Switch TL2210P
3) Various TP-Link APs like TL245, EAP 110b, ..
4) TP-Link Deco Mesh of X60 scattered around my home with Ethernet backhaul. The Deco is configured as AP.
5) Two WAN connections on the router: Primary (500 Mbps) on SFP WAN and the other as a backup (100 Mbps) on WAN.
6) Load balancing weight set at 5:1
7) The setup works well if the primary SFP WAN fails and the backup takes over.
8) I would like to direct all traffic on Switch Port 3 to the router WAN port (not the SFP WAN port)
I look forward to your assistance if this can be set up.
Thanks
Thanks for the video! Maybe a dumb question, but will the Omada switches/controller with a pfsense router?
Yep!
This was very helpful, and I'm planning on replacing my FIOS router with the ER605 as well. I'm trying to figure out what else I want/need to change though, because I have 3 Netgear unmanaged switches around the house, and 1 Netgear access point as well. I am curious to see how the ER605 will see them all, and I was going to run the software controller because I have a server running 24x7. Do you have a recommendation on what's the best course of action, on if I should replace the switches, or just see how it works once I get it rolled out?
To be in the Omada ecosystem, you should look at TP-Link's JetStream switches, as those are Omada controller compatible. For access points, again, if you want to control them from the Omada controller then you need TP-Link's EAP Omada line of access points, like EAP610, EAP 650 etc.
9:55, does this option mean enabling inter-VLAN routing on the switch (assuming it is assigned to a port on the switch), thus the traffic is routed by the switch instead of through the router?
Let's say you are not on the LAN, is it possible to remotely configure the Omada cloud controller? If so, how?
Great Video 😊. Thank You.
Question... So at 13:35 you blocked "IoT" from Main network.. At the bottom, you created the rule network to network.. Understood..
So does this mean that only info on the IoT network can NOT access the main network but the main network CAN access things on the IoT network?
So if I had a camera on my IoT network I wouldn't have to worry about traffic coming from the IoT network but I still could access it and configure the camera on the IoT network.
Wheeewww. I hope that makes sense lol.
That is exactly correct. Kinda like a two way mirror where one side can see through but the other can’t.
I bought a TP-Link Omada switch with the Omada controller. It's an 8 port switch. I want to aggregate 2 ports for my QNAP NAS. I have tried it multiple times but I can't seem to get it to work.
Any tips...
While creating a new LAN, can I select the option VLAN only and create a VLAN, e.g. 25, and trunk specific ports connected to access points to carry VLAN 25 and native VLAN both?
I can't find TCP or UDP input for port forwarding my PS5 anywhere!
Hi Raid Owl, thanks for the informative videos, this convinced me to go with TP-Link for my home instead of Unifi, but I'm having a different result from you as I'm having issues with VLAN to VLAN connectivity.
I have a strange behaviour where my VLAN1 can't access any device on VLAN172, but all devices in VLAN172 can access both VLANs. TP-Link support insists that it is the device firewalls. I'm finding it difficult to believe my MacBook and Windows machine became VLAN aware out of the blue. Because everything works as expected on VLAN172 but not on VLAN1.
I’d have to see how you have it all setup. Feel free to join the Discord and we got some folks over there that can def help out.
Thanks, I just joined the Discord so I'll post my setup there.
What omada soft conn version has an interface option in creating vlan?
Is there a way to configure it so that certain clients (children’s devices) have time based access to the internet. E.g 30 mins a day or from 6pm to 7pm.
Yep Time Ranges can be created and then set per device
@RaidOwl What about by client? If I have a TV wired in or one device on the network I want to restrict access for?
I made an SSID (home network), set it to VLAN 1 and it would not let me access the controller, but without the VLAN it will let me. Confused lol, I thought the main VLAN let you access the main GUI.
I just wish the controller and router were in a rackmount format
Yeah I'm surprised that these products that they openly state are for commercial and business use don't have any rack-mounted options.
Does it have settings to disable WiFi tethering?
I want to disable WiFi sharing.
Thanks.
Can I ask a question please... I have purchased a lot of TP-Link items mentioned in this video, including the router and controller. My question is, can you add devices from different manufacturers within the map? I.e. if I had a Netgear switch, will it detect it or will it only detect TP-Link items?
Unfortunately not, for devices to show up in the GUI they must be part of TP-Link's Omada ecosystem.
@RaidOwl I had a feeling that would be the case but thank you for confirming it.
@TheCoreyVlogs I've seen other system setup videos where you COULD add an unmanaged switch hooked to an Omada router LAN port from some other company, but it showed up as a generic device and a "dumb" device that had no real fine control over it as you could have with an Omada switch. I think if auto DHCP was enabled, the Omada controller would hand it an IP address to send data as long as the IP address wasn't user blocked on the network. A dumb unit could become a security risk, however, as you wouldn't have port control or be able to get down to the granular level for every device attached to the switch.
Missed WAN type connection, like PPPoE etc.
My VLANs are not working. Can you help???
Wrong browser or wrong controller version. There is a VPN user tab on top there.
With Omada, when enabling features, does it slow down network traffic?
For example, I currently use a TP-Link Archer AX3000 V1 consumer router. With the traffic log disabled in this router, my reported download Internet bandwidth according to Speedtest is about 940 Mbps (I have a 1200 Mbps download/35 Mbps upload connection from Comcast/Xfinity). However, if I enable the traffic log, the download speed drops to a little over 600 Mbps.
Dropping over 300 Mbps just for enabling the traffic log is quite excessive. As Omada is meant for businesses, I would hope that it would have enough processing power and memory for advanced logging and statistics, without slowing Internet and LAN traffic. However, it would be appreciated if this could be confirmed.
Maybe your traffic log is constantly pinging the system and that's causing a lot of bandwidth utilization or perhaps the router doesn't have enough processing power when that is enabled, which in turn is degrading your performance. Equipment like Omada and other prosumer and business solutions tend to have faster processor chips and more memory because you could theoretically be controlling hundreds of devices and data bandwidth at once.
@dan_hitchman007 Yes, Omada should have a faster processor, more memory, and better programming. However, I would hope that somebody who has this product could confirm that enabling its traffic logging features will have no appreciable effect on bandwidth.
However, even though my current TP-Link is a consumer router, it should be designed in such a way to not have this problem. I have concerns about TP-Link quality if enabling one feature causes a 300+ Mbps drop in bandwidth.
How to download Omada controller on Mac?
3:17 ummm. This is not "percentage of the cpu on your devices"; this is for the controller
UPDATE: actually sorry, it looks from the MAC address that this would be for your router instead
HOW DID YOU INSTALL THAT ON MAC WITH ONLY CLOUD BASED CONTROLLER? GREAT VIDEO!!!!
I believe he’s using the hardware controller OC200.
The ridiculous thing about Omada setups like this is that they have no concept of established connections. I cannot, for instance, have a rule that allows me to initiate a connection from my main network into my IoT VLAN and have it respond. If I set up a rule blocking traffic from IoT to main then it blocks REPLY packets as well, which is brain dead.. I can't block my IoT network containing my cameras from my main network because then I cannot access the camera stream *rollseyes*..
Is this still a problem?
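
The effect described in the comment above, and in the earlier "reply traffic" comments, shown as an added example that is not from the video or any commenter: a small Python model of one IoT-to-Main deny rule, evaluated first per packet (stateless) and then with a flow table (stateful). The subnets, hosts and ports are constructed, and the model makes no claim about what any particular Omada firmware version does.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed subnets for illustration; not taken from the video or comments.
MAIN = ip_network("192.168.1.0/24")
IOT = ip_network("192.168.20.0/24")

# The single rule discussed in the thread: deny anything from IoT to Main.
DENY_RULES = [(IOT, MAIN)]


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


def matches_deny(pkt):
    """True if the packet's source and destination fall in a denied pair."""
    src, dst = ip_address(pkt.src), ip_address(pkt.dst)
    return any(src in s and dst in d for s, d in DENY_RULES)


def stateless_filter(packets):
    """Judge every packet on its own: a reply looks like any other
    IoT-to-Main packet, so the deny rule drops it."""
    return ["drop" if matches_deny(p) else "pass" for p in packets]


def stateful_filter(packets):
    """Remember flows that were allowed to start; packets belonging to a
    known flow pass before the deny rules are consulted.
    Simplified: tracks 5-tuples only, no TCP state machine or timeouts."""
    established = set()
    verdicts = []
    for p in packets:
        flow = (p.proto, p.src, p.sport, p.dst, p.dport)
        reverse = (p.proto, p.dst, p.dport, p.src, p.sport)
        if flow in established or reverse in established:
            verdicts.append("pass")
        elif matches_deny(p):
            verdicts.append("drop")
        else:
            established.add(flow)
            verdicts.append("pass")
    return verdicts


# Constructed traffic: a Main PC opens a camera stream, the camera answers,
# then the camera tries to start its own connection into Main.
TRAFFIC = [
    Packet("192.168.1.10", 50000, "192.168.20.5", 554),
    Packet("192.168.20.5", 554, "192.168.1.10", 50000),
    Packet("192.168.20.5", 40000, "192.168.1.2", 445),
]

if __name__ == "__main__":
    rows = zip(TRAFFIC, stateless_filter(TRAFFIC), stateful_filter(TRAFFIC))
    for pkt, stateless, stateful in rows:
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}  "
              f"stateless={stateless}  stateful={stateful}")
```

The second packet is the one the thread is arguing about: only the stateful model lets the camera's reply back while still dropping the connection the camera starts itself.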
Any way you can help configure my home network please? Similar equipment. Obviously I know your time isn't free. I'd be happy to pay for services.
A firewall setting is a 'mega nerd'. OK. Honestly the TP-Link Omada seems stupid, basically just pay a few hundred bucks for a GUI with useless info. I guess the Mega Nerd in me was looking for special stuff like auto IP blocking or creating firewall rules to block IPs when under attack etc.