E3200 - Trouble with Guest Network
Observer1
Enthusiast - Level 3

TL;DR   Guest network on E3200 not working

I recently upgraded my home network:  new 1G-capable ONT, new G3100 (1104) connected via GigE to new E3200 (1103), both running firmware 3.1.0.12.  SON disabled.  Guest network SSID enabled.

What's working:

  • Devices associating with the Primary SSID or the IoT SSID via either G3100 or E3200 receive IP address xxx.xxx.1.x (router and DNS at xxx.xxx.1.1), and can access the Internet.
  • Devices associating with my Guest SSID via the G3100 receive IP address xxx.xxx.200.x (router and DNS at xxx.xxx.200.1.1), and can access the Internet.

What's not working:

  • Devices associating with my Guest SSID via the E3200 apparently don't receive a DHCP response and are left without a routable address, and cannot access the Internet.

I've tried with SON enabled and disabled, and with the IoT SSID enabled and disabled.  I can move a device nearer the G3100 and have access, and then move nearer the E3200 and lose access.

Reviewing the LAN DHCP log (on the G3100) I have seen the DHCP-supplied IP address properly increment from xxx.xxx.200.2 to xxx.xxx.200.3 when a second device joined the guest network.  And I saw DHCP request/ack sequences for both the xxx.xxx.200.2 and xxx.xxx.200.3 devices each time they associated with either the G3100 or E3200.  However, despite the correct request/ack sequence being logged as the devices were associated with the E3200, they apparently failed to receive their IP configuration information.

I manually configured the correct guest subnet IP information (address, mask, router, DNS) in each of the two devices and re-associated with the 3200.  Neither worked.

I noticed concerns in the forum about iOS devices and the 3200, so made sure to try with MacBook as well.  No difference in results.

Am I missing something obvious in my configuration?

0 Likes
Reply
1 Solution
Observer1
Enthusiast - Level 3

Well, ahem, it turns out I *was* missing something obvious in my configuration.  I failed to fully describe how the G3100 and E3200 were connected.  When the E3200 extender arrived, some time after the G3100, I simply replaced an old AP on the far side of house...  Since that AP had been connected to the G3100 through a Netgear smart switch (GS716T), it meant my "backhaul" between the G3100 and E3200 was subject to whatever VLAN policies I previously had in place for those ports on the switch.

I bypassed the switch (home run ethernet cable between G3100 and E3200) and... viola!  Devices associating with the Guest SSID on the E3200 were now able to receive their IP config info and access the internet.  Perhaps others who reported trouble with their E3200s should first make sure the backhaul (if ethernet) has no intermediate switches.

The observed behavior suggests the Verizon router and extender are using a VLAN to isolate the Guest traffic, in addition to using a subnet with xxx.xxx.200.x addresses.

Can anyone confirm the guest VLAN, and if so, identify the guest VLAN ID?  

Knowing the guest VLAN ID would presumably allow:

  • restoring my original cabling (after configuring the guest VLAN in my switch)
  • using the guest VLAN for ethernet-connected devices (IoTs/game consoles, in particular)
  • working around any guest device count limitation by running second DHCP server to hand out IP addresses on the subnet above xxx.xxx.200.11 (I read some postings suggesting that the G3100 was only handing out 10 guest subnet addresses - I have not reached that limit)

View solution in original post

4 Replies
Observer1
Enthusiast - Level 3

Well, ahem, it turns out I *was* missing something obvious in my configuration.  I failed to fully describe how the G3100 and E3200 were connected.  When the E3200 extender arrived, some time after the G3100, I simply replaced an old AP on the far side of house...  Since that AP had been connected to the G3100 through a Netgear smart switch (GS716T), it meant my "backhaul" between the G3100 and E3200 was subject to whatever VLAN policies I previously had in place for those ports on the switch.

I bypassed the switch (home run ethernet cable between G3100 and E3200) and... viola!  Devices associating with the Guest SSID on the E3200 were now able to receive their IP config info and access the internet.  Perhaps others who reported trouble with their E3200s should first make sure the backhaul (if ethernet) has no intermediate switches.

The observed behavior suggests the Verizon router and extender are using a VLAN to isolate the Guest traffic, in addition to using a subnet with xxx.xxx.200.x addresses.

Can anyone confirm the guest VLAN, and if so, identify the guest VLAN ID?  

Knowing the guest VLAN ID would presumably allow:

  • restoring my original cabling (after configuring the guest VLAN in my switch)
  • using the guest VLAN for ethernet-connected devices (IoTs/game consoles, in particular)
  • working around any guest device count limitation by running second DHCP server to hand out IP addresses on the subnet above xxx.xxx.200.11 (I read some postings suggesting that the G3100 was only handing out 10 guest subnet addresses - I have not reached that limit)
Observer1
Enthusiast - Level 3

I forgot to include a plug for my (now-successful) 1G upgrade, which was ordered as part of a promotion that included free G3100 and free E3200, and a $200 credit that will cover the $149 installation fee.

Speed tests report ~950Mb/s down and up at the ONT, and ~500Mb/s down and up to both iPhone 11 and iPhone 12 associated with the primary wireless network near the E3200.  Both phones associated with the guest network near the E3200 report ~100Mb/s down and up, presumably because the guest SSID is limited to 2.4GHz.

0 Likes
Reply
Cang_Household

Do you happen to have two Ethernet NICs on a single computer? I would configure a man in the middle between the G3100 and E3200 to find out. I don't have an E3200 right now so I couldn't test it.

Also, regarding the VLAN. I am not sure where did I see you asking whether G3100 supports VLAN tagging on its operating system. The answer is yes. During boot time, I see 802.1q VLAN package initiated in syslog. It might be a G1100's syslog, I couldn't remember.

Observer1
Enthusiast - Level 3

@Cang_Household wrote:

Do you happen to have two Ethernet NICs on a single computer? I would configure a man in the middle between the G3100 and E3200 to find out. I don't have an E3200 right now so I couldn't test it.


It turns out I have a better option... a managed switch and Wireshark.  I'll post the results in a new thread.