Omada Pro Logo official website Vigi Logo official website
Contact Us
South Africa / English

How to configure Management VLAN for Omada Devices (Omada Controller 5.15 or above)

Knowledgebase
Configuration Guide
BookmarksCopy Link
11-13-2025
104

Contents

Objective

Requirements

Introduction

Configuration

Objective

This guide provides instructions for configuring Management VLAN for Omada Devices.

Requirements

  • Omada Controller
  • Omada AP/Omada Switch

Introduction

The management VLAN is a VLAN created to separate the management network from the data network. By default, the management VLAN is the LAN network in a network centrally managed by Omada SDN Controller.

You can change the management VLAN to improve network security. With a separated management VLAN, it is much harder for unauthorized users to modify the configurations or monitor the network.

Note:

1. Configurations in Omada Hardware Controller and Software Controller are the same. Before configuring the Management VLAN, refer to the User Guide to add the devices to the controller, and set up the computer running the controller to obtain an IP address dynamically.

2. When using the Omada Cloud-Based Controller, you do not need to configure the Management VLAN because it has separated the management data from the user data to ensure privacy. No user data will pass through the cloud.

Configuration

1. Use the default management VLAN

Note: In default mode, only untagged and VLAN 1 frames can communicate with the device.

When using the default management VLAN, set the Network Tags Setting of the port connected to the EAP to Allow All.

The configuration page of the port connected to the EAP.

2. Use custom management VLAN

Note: When set to a specific VLAN, only packets carrying that VLAN tag can communicate with the EAP.

Step 1. Go to Settings > Wired Networks > LAN Networks and click Create New LAN to create a network (named MGMT VLAN with VLAN ID 4090 in this example) as Interface. Click the box of the associated LAN interface (LAN1), enable the DHCP Server, and fill in the DHCP range to assign IP addresses to devices in this network. After being created, a profile with the same name will be added automatically, and its PVID is 4090.

Add LAN page.

Step 2. Set the Native Network of the port connected to the EAP to the corresponding VLAN and the Network Tags Setting to Allow All.

Port configuration page.

Step 3. Go to Devices and add the devices to MGMT VLAN (VLAN 4090). The steps for switches and EAPs are similar.

For the switch, click Manage Device to enter the configuration page.

Switch detail page.

Go to Config > VLAN Interface. Enable MGMT VLAN, and click the action icon to configure it.

Switch VLAN Interface page.

Enable Management VLAN.

VLAN Interface configuration page.

For AP, go to Config > General. Then change Management VLAN to Custom and choose MGMT VLAN.

AP General Config page.

Please Rate this Document

Related Documents

How to configure Management VLAN in Omada SDN Controller (v4.4.4 - v5.8.4)

Configuration Guide
Controller
08-30-2022
13532

How to configure VLAN on Omada Gateway via Omada Controller

Configuration Guide
Vlan
07-09-2024
13604

How to configure VLAN on Omada Gateway via Omada Controller

Configuration Guide
Vlan
11-06-2024
22899

How to configure VLAN with Omada Network v6

Configuration Guide
10-27-2025
6501

How to configure Voice VLAN on Omada Switches using Omada Controller

Configuration Guide
Vlan
11-19-2024
19132

SubscriptionTP-Link takes your privacy seriously. For further details on TP-Link's privacy practices, see TP-Link's Privacy Policy.

Email Error

Follow Us

About
Press
Partners
Learning Center
TP-Link Omada Omada Pro VIGI
South Africa / English

©2025 TP-LINK TECHNOLOGIES SOUTH AFRICA (PTY) LTD and its affiliated companies. All rights reserved.

This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy . Don’t show again

Your Privacy Choices

This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy . Don’t show again

Basic Cookies

These cookies are necessary for the website to function and cannot be deactivated in your systems.

TP-Link

SESSION, JSESSIONID, accepted_local_switcher, tp_privacy_banner, tp_privacy_base, tp_privacy_marketing, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType

Youtube

id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ

Zendesk

OptanonConsent, __cf_bm, __cfruid, _cfuvid, _help_center_session, _pendo___sg__.<container-id>, _pendo_meta.<container-id>, _pendo_visitorId.<container-id>, _zendesk_authenticated, _zendesk_cookie, _zendesk_session, _zendesk_shared_session, ajs_anonymous_id, cf_clearance

Analysis and Marketing Cookies

Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.

The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.

Google Analytics & Google Tag Manager

_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>

Google Ads & DoubleClick

test_cookie, _gcl_au