1

I’ve been pulling my hair out on this. I have some new Ubiquiti APs and am using a VM for the controller. I have them connected to my Meraki switch infrastructure. I created a VLAN for Guest Access to keep the guest WiFi off of the office network. I can get an IP and ping the gateway, but cannot get out past that. If I plug in a computer to a similarly configured switch port, I get DHCP like normal and that computer can get out past the gateway. I’m not sure what I missed and why the two behave so differently. I also have an “Office WiFi” on the same APs and it works properly. The only difference between the two WiFi Networks on the Ubiquiti is the VLAN. DHCP comes from a Windows Server on the Office Network. On the Guest WiFi, different VLAN, DHCP is from the Meraki switch. Any ideas?

4 Spice ups
2

Can you share some configs?

3

For the sake of not filling up this with a bunch of screenshots, can you be more specific?

@cholzhauer

4

I think at the very least the config of the switch ports where you have a laptop connected and your AP connected, then the vlan config on the Ubiquity.

5

Sounds like a misconfig with the Ubiquiti controller or maybe the switchport it’s connecting to.

6

AP_port.png

This is my port on the switch. The only difference between my port that my computer is on is that the Native VLAN is set to 110. I had to have a machine configured to make sure my ISP routes the traffic. I do not have access to my routers as they are leased from my ISP.

AP_config.png

7

My Gateway provided by my ISP is 10.110.1.254
I do get an IP and I can ping the Gateway. I cannot get past the Gateway.
On my PC, I get an IP, I can ping the Gateway, and I can ping past it to like Google.

8

IP helper address on the switch?

9

I don’t know where to configure that or even which IP to use.

@rockn

10

It would b a relay to your DHCP server if it is on a different VLAN.

11

AP_config2.png

Yeah. We don’t have one of those. Hmm…

12

The native VLAN difference is a big difference. If you’re getting the correct result on your PC, why not change it on the port the AP is connected to?
You will see your DHCP relay setting on your layer3 device (router). You won’t see it in the Unifi software as that’s only controlling a layer 2 AP

13

I did change the Native VLAN on the port when testing. It broke my Office WiFi and I could not even get an IP for my Guest WiFi. It’s weird.

14

More information. We have Voice running on VLAN 20 and it has no issues routing or with DHCP for them. There seems to be some sort of hangup between the Ubiquiti APs, Ubiquiti Management VM, and the Meraki Infrastructure somewhere. I just haven’t been able to figure it out.

15

The fact that you get an IP and can ping the gateway suggest the AP is configured fine (as well as dhcp) it sounds like a routing\firewall issue for that VLAN on the meraki side.

do you have any rules preventing traffic on that VLAN passing?

1 Spice up
16

I thought so too but if I put a PC on that VLAN, I get proper DHCP and I can get out to the internet with no issues. The only difference is that the Native VLAN is set differently.

17

Your screen shot confuses me. This is the Network configuration screen in Unifi. This screen is only used if you have the Unifi Router or Switches. It doesn’t come into play for the APs at all. Instead of creating a Corporate Network here create a VLAN Only network for your 110 tag.

AP_config.png

Then to apply it to the AP you VLAN tag them in the SSID Settings.

Untitled.png
Untitled.png800×499 68.2 KB
3 Spice ups
18

The VLAN Only is greyed out though. Is there a different screen or section I need to do this in?

19

Is it greyed out if you create a new network? I don’t think you can change it once its created

1 Spice up
20

My day is ending and I cannot test until Thursday. I’ll be back!

1 Spice up