"
Hi,
Objective
To configure a multi-SSID setup where:
Default SSID operates on native VLAN 1 (untagged) for management
Guest SSID operates on VLAN 3 (tagged) for client isolation
OPNsense firewall handles routing/DHCP for both VLANs
Diagram: https://ibb.co/ymD8wd8p
Devices:
Switch: TL-SG108E
AP: TL-WA1201
Firewall: OPNsense (25.1.9)
Symptoms:
Clients on Guest SSID (VLAN 3) fail to obtain IP address (stuck "obtaining IP")
Manual IP assignment (192.168.3.20) cannot ping gateway (192.168.3.1)
VLAN 1 clients can ping 192.168.3.1, but not the other way around
Default SSID (VLAN 1) works normally
No VLAN 3 traffic detected in packet captures
Troubleshooting Performed
1. Switch Configuration
VLAN ID VLAN Name Tagged Ports Untagged Ports
1 Default None 1-8
3 Guest 1, 8 None
PVID: All ports set to 1
VLAN setup from opnsense: https://ibb.co/p6KG55kn
Firewall rule: https://ibb.co/wXgpyNn
DHCP from opnsense: https://ibb.co/LzbcGpXy
Please assist.
Objective
To configure a multi-SSID setup where:
Default SSID operates on native VLAN 1 (untagged) for management
Guest SSID operates on VLAN 3 (tagged) for client isolation
OPNsense firewall handles routing/DHCP for both VLANs
Diagram: https://ibb.co/ymD8wd8p
Devices:
Switch: TL-SG108E
AP: TL-WA1201
Firewall: OPNsense (25.1.9)
Symptoms:
Clients on Guest SSID (VLAN 3) fail to obtain IP address (stuck "obtaining IP")
Manual IP assignment (192.168.3.20) cannot ping gateway (192.168.3.1)
VLAN 1 clients can ping 192.168.3.1, but not the other way around
Default SSID (VLAN 1) works normally
No VLAN 3 traffic detected in packet captures
Troubleshooting Performed
1. Switch Configuration
VLAN ID VLAN Name Tagged Ports Untagged Ports
1 Default None 1-8
3 Guest 1, 8 None
PVID: All ports set to 1
VLAN setup from opnsense: https://ibb.co/p6KG55kn
Firewall rule: https://ibb.co/wXgpyNn
DHCP from opnsense: https://ibb.co/LzbcGpXy
Please assist.
