[S@gittarius]

Hi guys,
I’ve search throughout the forum but didn’t find anything helpful about the problem in the topic. I followed the wiki tutorials explaining how to detached LAN (WLAN), set them to use separate DHCP scope and finally allow them to use Internet in something, I should say, more controllable environment. I did both WEB GUI and command line interactions with equal success or lack of it ;o). Actually everything went very smooth and straightforward until I tried to browse sites from detached LAN (WLAN). It looks as though browser receives some portion of the web page (because I can see its title) but couldn’t download the rest of it. At the same time clients on non detached LAN (WLAN) don’t have such problems. The weird thing is that detached clients can ping theirs gateway, ping outer hosts as well and make foreign connections. It appears they can receive a small bunch of information but could not retrieve big packets. More over I can establish an outbound PPTP connection to a foreign VPN server and then surf the net with no problems. I did a lot of reading throughout the forum and especially on issues with v24sp1 firmware. Finally I upgraded to v24sp2 build SVN11296 but the problem still persists. I use PPPoE on WAN interface if this information could be of any help.
I would greatly appreciate any suggestions you may have.
Regards

[S@gittarius]

I solved the problem!!! (see above)
I haven’t seen such a solution throughout the forums and that’s why I’ll share the knowledge.
I’m quite sure it’ll be in help of those who really want to separate WLAN from LAN. The main goal of this is improved security and more options to control clients’ traffic. Solutions so far came to a detached from br0 interface with its own ip address. For some reason this doesn’t work (at least for me). I not only tried to detach wireless clients (eth1) but to separate one of the switch ports in its own vlan. In both cases the result was the same and more importantly the symptoms were equal. So it must have been something in the way DD-WRT handles vlan interfaces which have an ip address set up. Then I realized that in the original topology both LAN & WLAN clients a bridged through br0 (vlan0 and eth1 are part of that bridge). And bingo! To detach an interface you need to create a new bridge interface (lets say br1) with an ip set up and put desired interface in that bridge (for instance eth1 -> br1). You must reboot router in order to apply this new layout. Now it’s up to you to set up additional features on the new network (dhcp, filters etc.) and most importantly to tell who goes where. Everything could be done through web GUI of DD-WRT.

[mawker]

Hi!

I also have a similar problem as that you described here. Configuration: V24SP2 DD-WRT, WRT-54GL, PPPoE, a separate VLAN,

Previously, the router's WAN port connecting to ADSL modem-router combo one of them LAN port. A separate VLAN worked perfectly. I changed internet service provider, where I received a simple ADSL modem. I thought there is no problem, just adjust the WAN to the PPPoE, and everything is ok. But no. After that, only certain pages loaded, but they are only a small part of ... Ping works, DNS works, it's can connecting to the server, but the data transmision not work...

I read out the nvram informations, the difference is very small. MTU and some PPPoE settings are differently

Do you have really a working configuration with separate VLANs?

Thanks,

Csaba

[adrianb]

hi!
I have exactly the same problem as described above and need your gurus' help please...

I'm using WRT54GL with software recommended here on the forum DD-WRT v24-sp2 (08/12/10) vpn (SVN revision 14929). From the local ISP I got a simple ADLS modem with Ethernet port which I connect my dd-wrt device to. All computers connected to default LAN ports vlan0 with default router configuration work good. The same is for default WiFi connection, everything works ok. The connected computers have proper Internet connection and all web pages open without any problem.
However web pages opening fails on the detached VLAN. I've tried both configurations, without additional bridge as its stated in how-to and also with the bridge as described by S@gittarius. The things I've noticed:
- after establishing PPPoE connection the optional MTU setting (on the WAN Setup page) changes from Auto to Manual and the value is set automatically to 1492; after changing it back to Auto and applying, it comes back to Manual 1492.
- After assigning one of the ports to vlan2 and unbridging it, it's default MTU is set to 1500
- the same MTU 1500 is set when I add new bridge (br1) and assign vlan2 to it
- when I change IP or MTU for br1 then they change automatically for vlan2 too
- there is no difference in the connected computer behavior when MTU is set to 1500 and 1492
- the web pages that can't be opened use javascript
- and most interesting: everything starts working properly when I set MTU to 1492 on the connected computer! In Windows it could be done by adding MTU DWORD value under HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{_intrface_id}\

This is however only partial workaround as I'm not able to set MTU on my tablet or my mobile.

So the question is if there is any way to get this working properly by modifying something inside dd-wrt? I would very appreciate any suggestion.

Thanks in advance,
Adrian

[adrianb]

hi,
this is for those who may be interested - it seems the above MTU issue is a well known Linux MTU bug. I've googled a bit and found some clues regarding this problem. The detailed description of MTU issue together with the ways to fix it on Linux can be found here: http://tldp.org/HOWTO/IP-Masquerade-HOWTO/mtu-issues.html.
Several other articles referring to very similar "MTU bug" in dd-wrt are here: http://www.dd-wrt.com/wiki/index.php/Chillispot and here: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=10757&sid=f42bb557af9606702d6ad9e4698a1bb8

In my case the solution was to add the following line to the firewall script: