Hi Mesquite,If you read the TPLINK user guide, it is not designed to be able to read and handle VLAN tagging.
Therefore its not suprizing that new clients were assigned to the same vlan.
HOWEVER, what you should know and can test is that the GUEST vlan and IOT vlan on the decos are set so that:
a. they cannot even talk to each other or to the other wifi users on main wifi.
b. they cannot reach any other wired users on the same vlan
Suggest you test....................
Thanks for your message.
I did some further digging to double check my earlier post and research to see if that was the case
I found a forum post telling me to check the debug logs of my deco's and i can confirm my system debug logs show the following:
Code:
config{enable_5g:1,ssid:MYSSID_Guest,encryption:1,enable:1,password:VERY_STRONG_PASSWORD,usr_set:1,access_duration:-1,enc_type:wpa2,start_time:1706879140,enable_2g:1,enable_5g2:0}Fri Feb 2 13:05:44 2024 daemon.notice nrd[19861]: Leaving nrd executive programFri Feb 2 13:05:44 2024 user.info root: guest-eth [trigger]wifi config has changed, check vlan Fri Feb 2 13:05:44 2024 user.info root: guest-eth guest vlan enable, guest_vlan id is 591Fri Feb 2 13:05:44 2024 user.info root: guest-eth guest vlan id is changed -> 591, or iptv port changed to other, restart apsd and switch Fri Feb 2 13:05:45 2024 daemon.info /usr/bin/apsd: config_load:415: Info: backhual lan:ath02.1, guest:ath02.2.........Fri Feb 2 13:05:45 2024 daemon.emerg procd: uci: Entry not foundFri Feb 2 13:05:45 2024 user.info root: guest-eth AP role, eth0 set tag port, vlan id is 591Fri Feb 2 13:05:45 2024 user.info root: guest-eth AP role, eth1 set tag port, vlan id is 591Fri Feb 2 13:05:45 2024 user.info root: wps: wpsd reload......And then how do I put the vlan591 tagged packets in isolation from the untagged ones?
Thanks for your help
Statistics: Posted by Ameeno — Fri Feb 02, 2024 7:31 pm