Hello folks,
The VLAN Switch Control settings for the Default IoT network are not being applied to the RT-BE88U AiMesh router with Merlin or ASUS 3006.102_37xxx firmware. The issue was not present on the GT-AX 6000 with ASUS 3006.102_34810. I don’t know if the issue was introduced when ASUS created the new “Network” page to consolidate main network and Guest Network Pro or if the issue is only present on the RT-BE88U. Below are the gory details. In every case, I performed a factory reset using the WPS method and the results are fully reproducible.
An IoT network was configured under Guest Network Pro for the Default IoT network, with the default VLAN assigned (52), LAN IP 192.168.52.1, and DHCP enabled. Wireless clients connected to the IoT VLAN's SSID on both the AiMesh router and AiMesh nodes and function as expected.
However, configuring any LAN port on the AiMesh router to Mode=Access and VLAN profile for the IoT network does not yield the expected results. The port behaves like any LAN port set to All(Default) mode, receiving an IP address from the main LAN IP pool. In contrast, VLAN Switch Control settings work correctly on AiMesh nodes. Setting Mode=Access and the VLAN profile for the IoT network on a node port ensures that any device connected to that port receives an IP from the Default IoT network and can communicate with other devices assigned to the VLAN.
A VPN VLAN was also created under Guest Network Pro without encountering the previously mentioned issue. Additionally, for the VPN VLAN, there is an AiMesh configuration option available to select which nodes the VPN VLAN applies to. However, there is no AiMesh configuration option for the Default IoT VPN. Despite this, the IoT VLAN is accessible on all nodes except for the AiMesh router switch ports.
Below is the BE88U’s switch and bridge configuration after setting eth8 to mode=Access and assigning it to the Default IoT profile. The expected outcome is that eth8 and eth8.52 should not be present in br0 and br55 respectively, and eth8 should be present in br55.
bridge name bridge id STP enabled interfaces
br0 8000.cc28aa2xxxx no eth1
eth2
eth3
eth4
eth5
eth6
eth7
eth8
eth9
wds0.0.1.0
wds0.0.2.0
wds1.0.1.0
wl0.0
wl0.1
wl0.4
wl1.0
wl1.1
br55 8000.d228aa2axxxx no eth1.52
eth2.52
eth3.52
eth4.52
eth5.52
eth6.52
eth7.52
eth8.52
eth9.52
wds0.0.1.52
wds0.0.2.52
wds1.0.1.52
wl0.2
wl0.52
wl1.2
wl1.52
br56 8000.d228aa2axxxx no eth1.53
eth2.53
eth3.53
eth4.53
eth5.53
eth6.53
eth7.53
eth8.53
eth9.53
wds0.0.1.53
wds0.0.2.53
wds1.0.1.53
wl0.3
wl0.53
wl1.3
wl1.53
Network Configuration
RT-BE88U with Merlin 3006.102.3 or ASUS ASUS 3006.102_37102
Two GT-AX6000 AiMesh nodes with ASUS 3.0.0.6.102_34810. One node is connected via a 2.5 Gbps link, and the other is connected via Wi-Fi.
Workaround
I have found that, using the brctl command, I can manually assign the BE88U's ethernet ports to the desired VLAN profile.
The VLAN Switch Control settings for the Default IoT network are not being applied to the RT-BE88U AiMesh router with Merlin or ASUS 3006.102_37xxx firmware. The issue was not present on the GT-AX 6000 with ASUS 3006.102_34810. I don’t know if the issue was introduced when ASUS created the new “Network” page to consolidate main network and Guest Network Pro or if the issue is only present on the RT-BE88U. Below are the gory details. In every case, I performed a factory reset using the WPS method and the results are fully reproducible.
An IoT network was configured under Guest Network Pro for the Default IoT network, with the default VLAN assigned (52), LAN IP 192.168.52.1, and DHCP enabled. Wireless clients connected to the IoT VLAN's SSID on both the AiMesh router and AiMesh nodes and function as expected.
However, configuring any LAN port on the AiMesh router to Mode=Access and VLAN profile for the IoT network does not yield the expected results. The port behaves like any LAN port set to All(Default) mode, receiving an IP address from the main LAN IP pool. In contrast, VLAN Switch Control settings work correctly on AiMesh nodes. Setting Mode=Access and the VLAN profile for the IoT network on a node port ensures that any device connected to that port receives an IP from the Default IoT network and can communicate with other devices assigned to the VLAN.
A VPN VLAN was also created under Guest Network Pro without encountering the previously mentioned issue. Additionally, for the VPN VLAN, there is an AiMesh configuration option available to select which nodes the VPN VLAN applies to. However, there is no AiMesh configuration option for the Default IoT VPN. Despite this, the IoT VLAN is accessible on all nodes except for the AiMesh router switch ports.
Below is the BE88U’s switch and bridge configuration after setting eth8 to mode=Access and assigning it to the Default IoT profile. The expected outcome is that eth8 and eth8.52 should not be present in br0 and br55 respectively, and eth8 should be present in br55.
bridge name bridge id STP enabled interfaces
br0 8000.cc28aa2xxxx no eth1
eth2
eth3
eth4
eth5
eth6
eth7
eth8
eth9
wds0.0.1.0
wds0.0.2.0
wds1.0.1.0
wl0.0
wl0.1
wl0.4
wl1.0
wl1.1
br55 8000.d228aa2axxxx no eth1.52
eth2.52
eth3.52
eth4.52
eth5.52
eth6.52
eth7.52
eth8.52
eth9.52
wds0.0.1.52
wds0.0.2.52
wds1.0.1.52
wl0.2
wl0.52
wl1.2
wl1.52
br56 8000.d228aa2axxxx no eth1.53
eth2.53
eth3.53
eth4.53
eth5.53
eth6.53
eth7.53
eth8.53
eth9.53
wds0.0.1.53
wds0.0.2.53
wds1.0.1.53
wl0.3
wl0.53
wl1.3
wl1.53
Network Configuration
RT-BE88U with Merlin 3006.102.3 or ASUS ASUS 3006.102_37102
Two GT-AX6000 AiMesh nodes with ASUS 3.0.0.6.102_34810. One node is connected via a 2.5 Gbps link, and the other is connected via Wi-Fi.
Workaround
I have found that, using the brctl command, I can manually assign the BE88U's ethernet ports to the desired VLAN profile.
