Posted: Tue Aug 01, 2017 17:39 Post subject: WRT1900ACSv2 802.11q VLAN
I am trying to setup a WRT1900ACSv2 running build 32868 as a WAP only behind a Cisco ASA5510. The Cisco is handling all my DHCP request, firewalling, etc. I would like to have untagged wireless clients (phones, printers, etc.) on ath1 going to the Cisco to be tagged in VLAN 10 and untagged wireless clients (guest devices) on ath1.1 going to the Cisco tagged in VLAN 9. So basically I just need one port on the WRT1900ACSv2 to tag outgoing packets in both VLAN 9 and 10 headed to the Cisco. I have the Cisco already configured and ready to receive the tagged packets and verified that everything on that end works. I have spent countless hours reading and searching the forums but have not had any success. I have got this to work at another site years ago using a ASUS RT-N66U and build 20202. Of course that unit used a Broadcom chipset and older firmware. Does anyone have any good info on how to do this on the WRT1900ACSv2?
I've read that on some forum posts but cannot figure out what commands I need to input to accomplish what I am looking to do. Any help would be greatly appreciated.
swconfig dev switch0 vlan 9 set vid 9
swconfig dev switch0 vlan 10 set vid 10
swconfig dev switch0 vlan 9 set ports '2t 6'
swconfig dev switch0 vlan 10 set ports '2t 6'
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 set apply
This seems to work only for vlan 10. If I omit the two lines for vlan 10 it will then work for vlan 9. I need both vlans tagged on port 2. Any idea or pointers on what I am doing wrong?
swconfig dev switch0 vlan 9 set vid 9
swconfig dev switch0 vlan 10 set vid 10
swconfig dev switch0 vlan 9 set ports '2t 6'
swconfig dev switch0 vlan 10 set ports '2t 6'
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 set apply
This seems to work only for vlan 10. If I omit the two lines for vlan 10 it will then work for vlan 9. I need both vlans tagged on port 2. Any idea or pointers on what I am doing wrong?
You can only tag one vlan per port!
The packet header only has room for one vlan id.
Where does your requirement of needing to tags both vlan 9 and 10 for port 2 come from?
You can only tag one vlan per port!
The packet header only has room for one vlan id.
Where does your requirement of needing to tags both vlan 9 and 10 for port 2 come from?
That seems strange. I basically want a WAP only with one LAN port to be a trunk port going to my Cisco ASA. I want wireless clients connecting on the private wireless (ath1) to get sent to VLAN 10 and wireless clients connecting on the guest wireless (ath1.1) to get sent to VLAN 9. The Cisco will handle the DHCP, security, etc. for each tagged interface. I've tagged multiple VLAN's on one port on an older ASUS RT-66U router with an older build for sure. I've attached a screenshot that I had from the ASUS RT-66U Broadcom based router that was doing this.
