Odd issue with VLAN and RB3011uias

So I have a RB3011uias acting as a firewall/NAT’ing router, VLAN and VPN host. I have everything up and running; VPN works, firewall rules work, VLAN works, BUT only on switch 2. Normal PCs and even the other switches on the network work on any port on the RB3011.

The way it’s set up now is eth2 and eth6 are master ports for their respective switches with the others as slaves, and there is an internal bridge set up between the two master ports.

This setup works fine and I get very fast throughput on any port or interface to WAN, but if I have any of the APs connected directly to eth2-eth5 or any switches connected there I get nothing on the VLAN.

The switch configuration, bridge, NAT, VPN etc. are all box standard. Internal switch setup is identical for both switches.

The VLAN interface is set up as eth6-master. I have it on a separate subnet with DHCP working, with the connection speed of the UAP as the only bottleneck. I have firewall rules set to block all traffic between VLAN and LAN.

For troubleshooting I tried changing the VLAN interface to the internal bridge, eth2 etc. when physically moving the UAPs between ports. I can still only seem to get VLAN connectivity if my APs are plugged into eth6-10. This isn’t a huge problem as I can wire the APs direct to the RB3011, but I have one way out about 300’ from the rest that needs to be on the main network switch; else I’ll have to sacrifice something else or run a new wire, which will be quite difficult.

I’ve also tried suspending firewall rules and omitting every other service but the VLAN and WAN setup and I still get nothing on the VLAN if it’s not on a port in switch2. If I bypass the VLAN in the UAP setup all is well on any port, but I don’t want WiFi traffic on the LAN.

Any advice on where to go next? Or anyone in the Chicago area familiar with these that I can pay to come consult on where I screwed up lol

Moving the VLAN from the physical interface to the bridge is the correct way.
Are you sure you haven’t created another VLAN interface on ether2 during your trial procedures?
Make sure there’s no VLAN bound to physical interfaces and only one to the bridge. And it should work right away.
-Chris
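
The check described in the reply above (no VLAN bound to a physical interface, exactly one bound to the bridge), as an added example that is not part of the original thread. It audits the text of a RouterOS configuration export; the sample export, the bridge name `bridge-local` and the VLAN names are constructed assumptions, and each `add` line is assumed to sit on one unwrapped line.

```python
import shlex
from collections import defaultdict

# Constructed sample of a RouterOS config export (not taken from the thread).
SAMPLE_EXPORT = """\
/interface bridge
add name=bridge-local
/interface vlan
add interface=ether6-master name=vlan20-old vlan-id=20
add interface=bridge-local name=vlan20 vlan-id=20
/ip address
add address=192.168.20.1/24 interface=vlan20
"""

def parse_vlans(export_text):
    """Return the key=value properties of every `add` line under /interface vlan."""
    vlans, section = [], None
    for line in export_text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            section = line  # a new menu path starts a new section
        elif section == "/interface vlan" and line.startswith("add "):
            tokens = shlex.split(line)[1:]  # shlex keeps quoted names intact
            vlans.append(dict(t.split("=", 1) for t in tokens if "=" in t))
    return vlans

def audit_vlans(export_text, bridge_name):
    """Flag VLANs bound to anything but the bridge, and VLAN IDs defined twice."""
    findings, by_id = [], defaultdict(list)
    for v in parse_vlans(export_text):
        by_id[v.get("vlan-id")].append(v.get("name"))
        if v.get("interface") != bridge_name:
            findings.append(
                f"{v.get('name')}: bound to {v.get('interface')}, not {bridge_name}")
    for vid, names in by_id.items():
        if len(names) > 1:
            findings.append(
                f"vlan-id {vid}: defined {len(names)} times ({', '.join(names)})")
    return findings

if __name__ == "__main__":
    for finding in audit_vlans(SAMPLE_EXPORT, "bridge-local"):
        print(finding)
```
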