Multiple SSIDs & Separate Subnets w/v24

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next
Author Message
JN
DD-WRT Guru


Joined: 29 Mar 2007
Posts: 771

PostPosted: Tue Aug 12, 2008 23:29    Post subject: Re: Detailed instructions from my configuration Reply with quote
TheBashar wrote:
JN wrote:
I looked at this link and it was not clear to me what to do if I want WEP. Does anyone know how to do this with WEP?


I am running build 10108M TNG Eko and I'm using WPA2-PSK on my main wireless with WEP on my virtual wireless. In my startup I do need to create the br1 bridge and move the wl0.1 interface to it from br0, but I do not need to do any special work-arounds with nas. I think those nas commands are only needed to fix WPA on the virtual wireless interfaces.
Well, I tried it with WEP, leaving out the NAS fix portion of the workaround script. I CANNOT get to the Internet from the virtual SSID (but I CAN get to the router config page). Has anybody got this working with WEP, past v24 final?

I would go back to v24 final, only I have a different problem there, where some websites wont finish loading on the virtual SSID (a.k.a. the Walmart,com problem). Please see thread on that at

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=35245

Can someone please help with either problem?
Sponsor
TheBashar
DD-WRT Novice


Joined: 26 Mar 2007
Posts: 25

PostPosted: Wed Aug 13, 2008 8:41    Post subject: Re: Detailed instructions from my configuration Reply with quote
JN wrote:
Well, I tried it with WEP, leaving out the NAS fix portion of the workaround script. I CANNOT get to the Internet from the virtual SSID (but I CAN get to the router config page). Has anybody got this working with WEP, past v24 final?


v24-SP1 is really nice in some respects but screwed up when it comes to firewall rules if you have a virtual ssid bridged in through the GUI. If you used the GUI for the bridging, then the iptables rules get all out of whack.

To test, put only the following in your firewall script (in the webgui):

iptables -F INPUT
iptables -F FORWARD

After saving that to the firewall script, reboot the router. If you can get to a website now it means your iptables scripts are screwed up. Mine were and I took a couple days and rewrote them from scratch. But everything's hunky-dory now. Give it a try but take it out once you're done testing because the -F flushes (out) all firewall rules, so you'll have your kimono wide open.
ptl54
DD-WRT Novice


Joined: 13 Aug 2008
Posts: 7

PostPosted: Wed Aug 13, 2008 23:51    Post subject: Reply with quote
I guess I found the right thread to ask this question:

"I am excited that I was able to flash and put DD-WRT (v24sp1 generic standard) on a Linksys (WRT54G v4). Then, I followed the directions here to set it up as a repeater:

http://www.wi-fiplanet.com/tutorials/article.php/3655041

At the moment, the setup is:

Buffalo - WHR-G54S w/Tomato (main router) > Linksys as repeater.

What I did then was made virtual interfaces (bridged) with the Linksys in the wireless setup. The question is, can I have virtual interfaces that are unbridged (running on their own separate virtual subnet, in other words) in repeater mode? If not possible, what are my options to make accomplish this setup?

The firewall in the repeater is disabled, and the repeater is set at IP 10.0.0.1, while the Buffalo is set at 192.168.1.1

Thanks."

I did read this entire thread, and there is mention of a repeater in the first page. However, I am very concerned about bricking the router and would like to be careful with any command/setting.
JN
DD-WRT Guru


Joined: 29 Mar 2007
Posts: 771

PostPosted: Thu Aug 14, 2008 1:17    Post subject: Re: Detailed instructions from my configuration Reply with quote
TheBashar wrote:
JN wrote:
Well, I tried it with WEP, leaving out the NAS fix portion of the workaround script. I CANNOT get to the Internet from the virtual SSID (but I CAN get to the router config page). Has anybody got this working with WEP, past v24 final?


v24-SP1 is really nice in some respects but screwed up when it comes to firewall rules if you have a virtual ssid bridged in through the GUI. If you used the GUI for the bridging, then the iptables rules get all out of whack.

To test, put only the following in your firewall script (in the webgui):

iptables -F INPUT
iptables -F FORWARD

After saving that to the firewall script, reboot the router. If you can get to a website now it means your iptables scripts are screwed up. Mine were and I took a couple days and rewrote them from scratch. But everything's hunky-dory now. Give it a try but take it out once you're done testing because the -F flushes (out) all firewall rules, so you'll have your kimono wide open.
I thought the workaround was supposed to be done bridging in the GUI and then unbridging in the commands. So, what should I do to get it working, and without the "walmart" problem I get using V24 final with the wifiplanet tutorial? I used the commands provided by rjmcinty, without the NAS part as I am not using WPA.
TheBashar
DD-WRT Novice


Joined: 26 Mar 2007
Posts: 25

PostPosted: Thu Aug 14, 2008 3:58    Post subject: Re: Detailed instructions from my configuration Reply with quote
JN wrote:
I thought the workaround was supposed to be done bridging in the GUI and then unbridging in the commands. So, what should I do to get it working, and without the "walmart" problem I get using V24 final with the wifiplanet tutorial?


I personally recommend that you tackle the problem piece by piece. It took a while for me to get virtual ssids, then secure firewall rules, then ssh, and finally openvpn all working, but I did.

The work around to the virtual ssid bridging problem in 24-sp1 is to delete the bridge configuration from the webgui and do all manipulations via commands from the startup script.

The iptables flush commands I recommended were a way to test your current situation and see if screwed up firewall rules were causing your problems.
JN
DD-WRT Guru


Joined: 29 Mar 2007
Posts: 771

PostPosted: Sat Aug 16, 2008 16:28    Post subject: Re: Detailed instructions from my configuration Reply with quote
TheBashar wrote:
I personally recommend that you tackle the problem piece by piece. It took a while for me to get virtual ssids, then secure firewall rules, then ssh, and finally openvpn all working, but I did.

I am not trying to do anything with ssh or openvpn. I just want the second isolated network for Internet only working properly with only the firewall rules to block access to my main network from the second SSID and vice versa.
TheBashar wrote:
The work around to the virtual ssid bridging problem in 24-sp1 is to delete the bridge configuration from the webgui and do all manipulations via commands from the startup script.

The workaround posted by rjmcinty quoting validcustomer, above in this thread, specifically asked me to create the second SSID as bridged and let the scripts unbridge it. So what should I do? How should his instructions be corrected?
rjmcinty wrote:
...
Step 2b: Configure virtual Interface wl0.1
- AP Isolation to Enabled if you don't want those clients to talk to each other
- Network Configuration to Bridged (the rc_startup script will unbridge it)
....
TheBashar
DD-WRT Novice


Joined: 26 Mar 2007
Posts: 25

PostPosted: Sat Aug 16, 2008 17:47    Post subject: Re: Detailed instructions from my configuration Reply with quote
JN wrote:
The workaround posted by rjmcinty quoting validcustomer, above in this thread, specifically asked me to create the second SSID as bridged and let the scripts unbridge it. So what should I do? How should his instructions be corrected?


Sorry, a little terminology skew. The option to have the virtual ssid as bridged is perfectly fine. I was simply recommending that you not use the "Create Bridge" button on the Setup->Networking tab.

rjmcinty's instructions look fine. If you used that configuration and can get connected to the wireless than the walmart problem is probably and iptables problem. Can you paste the following command into the Administration->Commands->Command Shell box and then post the results from the "Run Commands" button?

iptables -L -nv
Jimmmm
DD-WRT Novice


Joined: 02 Mar 2008
Posts: 11

PostPosted: Sun Aug 17, 2008 18:44    Post subject: Re: Detailed instructions from my configuration Reply with quote
TheBashar wrote:
To test, put only the following in your firewall script (in the webgui):

iptables -F INPUT
iptables -F FORWARD


This will only flush the rules until the next reboot, right? After removing it they return to defaults?
TheBashar
DD-WRT Novice


Joined: 26 Mar 2007
Posts: 25

PostPosted: Sun Aug 17, 2008 20:13    Post subject: Re: Detailed instructions from my configuration Reply with quote
Jimmmm wrote:
TheBashar wrote:
To test, put only the following in your firewall script (in the webgui):

iptables -F INPUT
iptables -F FORWARD


This will only flush the rules until the next reboot, right? After removing it they return to defaults?


Yes, if you remove the flush lines from your startup script (and then reboot the router just to be extra safe) the firewall rules will return to normal.
JN
DD-WRT Guru


Joined: 29 Mar 2007
Posts: 771

PostPosted: Thu Aug 21, 2008 0:42    Post subject: Re: Detailed instructions from my configuration Reply with quote
[quote="TheBashar"]
JN wrote:
Sorry, a little terminology skew. The option to have the virtual ssid as bridged is perfectly fine. I was simply recommending that you not use the "Create Bridge" button on the Setup->Networking tab.

rjmcinty's instructions look fine. If you used that configuration and can get connected to the wireless than the walmart problem is probably and iptables problem. Can you paste the following command into the Administration->Commands->Command Shell box and then post the results from the "Run Commands" button?

iptables -L -nv
I never had used the Create Bridge button. Regarding rjmcinty's instructions, I was using them only on V24 TNG versions because the original wifiplanet tutorial did not work at all to access any web site from the virtual SSID. The walmart problem occurs in V24 final when using the wifiplanent tutorial. I was hoping to get rid of the walmart problem by advancing beyond V24 final and found the wifiplanent tutorial method broken and then I tried the rjmcinty solution, which don't work at all for me.

Can anyone advise me on how to get the virtual SSID to work correctly on any version of DD-WRT, and to be free of the walmart problem?
pc_gamer321
DD-WRT Novice


Joined: 09 Apr 2008
Posts: 3

PostPosted: Thu Aug 28, 2008 1:09    Post subject: Reply with quote
I need help with setting up multiple SSIDs! Its driving me crazy.

So I have my man network, which has WPA security, but I also have a DS I need to connect to the internet, but it only supports WEP.
On my old buffalo firmware, I was able to make two ssids, so my DS can connect to one making it my DS network. However, I have no clue how to do it with DD WRT v24 sp1 and the original post just doesn't seem to click. I don't get it, and I don't want to change my main security to WEP.
pc_gamer321
DD-WRT Novice


Joined: 09 Apr 2008
Posts: 3

PostPosted: Thu Aug 28, 2008 21:59    Post subject: Reply with quote
pc_gamer321 wrote:
I need help with setting up multiple SSIDs! Its driving me crazy.

So I have my man network, which has WPA security, but I also have a DS I need to connect to the internet, but it only supports WEP.
On my old buffalo firmware, I was able to make two ssids, so my DS can connect to one making it my DS network. However, I have no clue how to do it with DD WRT v24 sp1 and the original post just doesn't seem to click. I don't get it, and I don't want to change my main security to WEP.
anyone please?
joksi
DD-WRT Guru


Joined: 16 Jan 2007
Posts: 1240

PostPosted: Thu Aug 28, 2008 23:07    Post subject: Reply with quote
Easy, wireless->basic setup. Add a VAP, give it new SSID and apply. Change the encryption under wireless security
pc_gamer321
DD-WRT Novice


Joined: 09 Apr 2008
Posts: 3

PostPosted: Thu Aug 28, 2008 23:15    Post subject: Reply with quote
joksi wrote:
Easy, wireless->basic setup. Add a VAP, give it new SSID and apply. Change the encryption under wireless security
*facepalm*
I feel dumb now. Razz
JN
DD-WRT Guru


Joined: 29 Mar 2007
Posts: 771

PostPosted: Mon Sep 01, 2008 16:11    Post subject: Reply with quote
I am still wondering if anyone can help me on how to get the virtual SSID to work correctly on any version of DD-WRT, and to be free of the walmart problem?

Thanks in advance.
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next Display posts from previous:    Page 6 of 8
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum