Wi-Fi Connected but No Internet on Android? Fixing SG3218XP-M2 v1.0 + EAP773 Intermittent Issues

When Ethernet devices work perfectly but Android phones suddenly say “Connected without Internet”, the problem usually isn’t your ISP. It’s almost always something subtle inside the LAN.

This guide breaks down a real-world case involving:

TP-Link JetStream SG3218XP-M2
TP-Link Omada EAP773
Firewalla
Android phones and Meta Quest 3

Ethernet devices? Fine.
Wi-Fi laptops? Usually fine.
Android phones and Quest 3? Randomly show No Internet.

Toggling Wi-Fi fixes it. Disabling firewall rules doesn’t. Firmware updates don’t help.

Let’s unpack what’s really happening.

The Important Clue: It’s Not Actually “No Internet”

Android doesn’t just check if it has an IP address. It performs an active validation test.

When you connect to Wi-Fi, Android:

Gets an IP from DHCP
Resolves DNS
Contacts a Google connectivity endpoint
Expects a specific HTTP response (204)

If any of that fails — even briefly — Android flags the network as “Connected without Internet”.

Meanwhile:

Your TV keeps streaming.
Your PC keeps browsing.
Your firewall logs show nothing obvious.

So this is usually a validation failure, not a real outage.

Why Ethernet Devices Work but Android Fails

This is common in setups where:

A managed switch handles VLANs
A firewall handles DNS
An Omada AP handles Wi-Fi
IPv6 is partially enabled
DNS interception is active

Android is stricter and faster at deciding something is wrong.

Let’s look at the most likely causes.

1️⃣ DNS Handling Conflicts (Most Common Cause)

In this setup, Firewalla is handling DNS.

That’s fine — until:

DNS responses are slightly delayed
Upstream DNS servers are slow
DNS caching is disabled
DNS interception conflicts with device hardcoded DNS
IPv6 DNS resolves but routing fails

Android times out quickly during its validation check.

What to Test

On an affected Android device:

Set Private DNS off temporarily
Manually set DNS to 8.8.8.8 or 1.1.1.1
See if the issue stops

If it does, the issue is inside your DNS path.

Possible Fixes

Enable DNS caching (either on Firewalla or upstream)
Reduce DNS filtering temporarily
Disable DNS interception rules
Check for IPv6 DNS mismatches

2️⃣ IPv6 Misconfiguration (Extremely Common in Omada Setups)

This one surprises people.

If:

The AP advertises IPv6
The firewall partially supports IPv6
The ISP does not properly route IPv6

Android prefers IPv6 by default.

If IPv6 connectivity fails but IPv4 works, Android may mark the network as “No Internet.”

Meanwhile:

Ethernet devices fall back to IPv4 silently
TVs don’t care
PCs adapt
Android does not.

Quick Diagnostic

Temporarily disable IPv6 on:

The WAN side of Firewalla
or

The LAN / AP settings

If the problem disappears instantly, you’ve found your root cause.

3️⃣ VLAN or Gateway ARP Delay

Since traffic flows:

Client → EAP773 → SG3218XP-M2 → Firewalla → Internet

Any delay in:

VLAN tagging
ARP resolution
STP transitions
Gateway responsiveness

Can break Android’s short validation window.

Even a 1–2 second delay can trigger the error.

Managed switches sometimes introduce micro-delays during port state changes or power-saving transitions.

What to Check

STP mode (try RSTP if not already)
VLAN tagging consistency
AP uplink port configuration
Disable “Green Ethernet” or power-saving modes

4️⃣ Fast Roaming / Wi-Fi 6 / Wi-Fi 7 Features

The EAP773 supports Wi-Fi 7 and advanced roaming.

Sometimes features like:

802.11r (Fast Roaming)
802.11k
802.11v
Band steering

Can cause brief re-authentication events.

Android sees that micro-interruption and flags no internet.

Test

Temporarily disable:

Fast roaming
AI roaming optimization
Advanced band steering

See if stability improves.

5️⃣ Captive Portal Detection Blocking

Android expects a specific HTTP 204 response from Google’s connectivity check servers.

If:

Firewall filtering blocks that domain
DNS-based filtering interferes
HTTPS inspection modifies traffic

Android may think it’s behind a captive portal.

Even if everything else works.

This is why putting Firewalla into emergency mode didn’t fix it — DNS or routing behavior may still have been altered.

Visualizing the Network Path

The problem is almost always somewhere between the AP and the firewall — not the ISP.

Step-by-Step Troubleshooting Checklist

Follow this in order:

Step 1

Disable IPv6 temporarily.

Step 2

Manually set DNS on one Android device.

Step 3

Enable DNS caching (if available).

Step 4

Disable fast roaming features.

Step 5

Check switch port configuration for:

Correct VLAN tagging
No port isolation
No power-saving features

Step 6

Ping connectivitycheck.gstatic.com from a wired LAN device and confirm resolution speed.

Why This Feels “Intermittent”

Because:

DNS latency fluctuates
IPv6 routing inconsistencies vary
ARP cache timing changes
Roaming triggers randomly
Android validation timeout is aggressive

Toggling Wi-Fi forces a fresh validation cycle, which often succeeds.

That’s why it “fixes itself.”

The Most Likely Culprit

In setups like this, the top two causes are:

IPv6 partially enabled but not fully functional
DNS handling delays through firewall filtering

Start there.

Final Takeaway

When Android says “Connected without Internet,” it usually means:

“My validation test failed.”

Not:

“Your ISP is down.”

In advanced networks using managed switches, Omada APs, and firewall-based DNS, even small timing or routing inconsistencies can trigger Android’s warning.

Fix the validation path — not the internet itself — and the issue disappears.

Geethu

Geethu is an educator with a passion for exploring the ever-evolving world of technology, artificial intelligence, and IT. In her free time, she delves into research and writes insightful articles, breaking down complex topics into simple, engaging, and informative content. Through her work, she aims to share her knowledge and empower readers with a deeper understanding of the latest trends and innovations.