[tmo1138]

(originally posted on the Broadcom forum - a mod suggested I x-post here to see if anyone had any thoughts)

Some additional context: I'm trying to configure my R8000 router so I could have VPN available only on specific WiFi networks (one 5Ghz and one 2.4Ghz. Should have been as simple as creating a couple of virtual IFs off of the main ones, securing them, putting them on their own bridge, setting up and subnet and DHCP server for them and then putting that subnet on the VPN policy configuration.

Everything broke down at the step to assign the virtual interfaces to a new bridge. Every time.

After multiple attempts to create a wireless bridge (br1 in the images below), assign the wl0.1 and wl1.1 virtual IFs to it, finally contacted the people I bought my router from, Flashrouters. The only way I could get this to work was to - believe it or not - flash to Tomato.. and then flash to an older BS build - R30880. Once I did this I was able to create two Virtual IFs, create a bridge, subnet and a DHCP server for that subnet. From there I set up a VPN and a policy so that only traffic from the two Virtual IFs will work.

Athens will be the VIF that I'm configuring for this. I have two: the other one is a 2.4Ghz one for devices that only have 2.4Ghz wifi.




Note.. BR1 and my two Virtual IFs happily assigned to them. No newer build than R30880 is letting me do this




The BR1 subnet, configured with a DNS, its own DHCP server, etc




I switched to IPVanish.. since configuring it, it's stayed up.. zero downtime.. disconnects have been brief and quickly reconnects back to IPVanish.. Private Internet Access can suck it. The policy routing is so that only my Virtual interfaces wl0.1 and wl1.1 use this.




It is unlikely I'll try a newer build of dd-wrt.. I'd love to, but frankly I haven't had any success getting newer ones to work..! The ones I did try up until r31780M wouldn't support this configuration - at least not using the method I show above. If any of you have thoughts on what I might need to configure differently in order to get this to work on a newer build, I'd be happy to hear them.