About Mesh Networks

Applies To: Wi-Fi Cloud-managed Access Points (AP120, AP125, AP225W, AP320, AP322, AP325, AP327X, AP420)

In a wireless mesh network, one or more APs connected to the wired network can provide wireless network connectivity to other APs that are not connected to the wired network. Wireless mesh networks remove the need to provide a wired network connection to every AP.

You can use mesh networks in environments where the installation of a wired network is not a cost-effective option. For example, a wireless mesh can be used to connect two wired networks in different premises or to extend a wired network to open spaces within a premise. Note that you cannot create a wireless mesh network that is a combination of WatchGuard APs and APs from other vendors. The mesh network must consist of WatchGuard APs only.

  • For dual-radio APs configured in a mesh network, we recommend you use one radio dedicated to mesh network functions for the best throughput performance. One radio can be configured as a mesh radio while the other radio can be configured to offer wireless access to clients.
  • We recommend you use the 5 GHz radio for the mesh link. You can use the 2.4 GHz radio for a longer range between mesh endpoints, but the resulting mesh connection will be slower. The 5 GHz radio provides better throughput for devices connected through the mesh radio.
  • Set a manual transmit power of 30 dBm on the mesh radio for maximum signal strength and stability.
  • If you use the 5 GHz radio for the mesh radio, use a channel width of 20/40 MHz instead of 20/40/80 MHz. If the channel width is 80 MHz, an adjacent channel might interfere with the channel used by the 5 GHz radio.

How Wireless Mesh Networks Work

A wireless mesh network consists of root and non-root APs.

  • A root device is an AP that is directly connected to the wired network.
  • A non-root device is an AP that is not directly connected to the wired network. It connects to the wired network through the root AP. A non-root AP can communicate with the root AP directly, or through another non-root AP. There could be one or more root APs and multiple non-root APs in the wireless mesh network.

Mesh APs require a recommended signal strength of at least -50 dBm between each AP.

The mesh network is formed only after the root AP is powered on and available over the network. The root AP propagates the signal on the mesh radio. A non-root AP tries to establish a connection with the root AP and waits for 60 seconds to make sure that the connection is stable before propagating signals on its mesh radio. When the APs in the mesh network are online, it will take at least 60 seconds multiplied by the maximum number of hops for the entire mesh network to be established.

When the mesh network is established, the mesh radios of the APs check for path validity and the RSSI values to calculate the least-cost path every 10 seconds. A path is considered invalid if the non-root AP is unable to reach the root AP. If a non-root AP finds the existing path to be invalid on three consecutive retries, it switches to the next best path. Similarly, if a non-root AP finds the existing path not to be the least-cost path on five consecutive retries, it switches to the best path.

If an AP in the mesh network fails, reboots, is powered down, or is not functional, then all the APs connected to it wait for 60 seconds before identifying another valid least-cost path. Also, if an AP is unable to obtain a stable connection with another AP for three consecutive retries, then the former AP places the latter device on a discard list for one hour.

These measures ensure effective use of APs, improved performance from the mesh network, and failover capability when APs fail.

Create a Wireless Mesh Network

You can create a Mesh network with the Discover or Manage applications. We recommend you use Discover to simplify the mesh network configuration.