Joined: 31 Aug 2009 Posts: 2448 Location: Third Rock from the Sun
Posted: Thu Jul 29, 2010 15:24 Post subject:
phuzi0n wrote:
I've been playing with the nvram settings on the two devices I have that support them, and as soon as I'm sure how to set them I'll be revising the switch port page with more info including how to set up VLAN trunks. After that's done I'll do something about making a list of models that have VERIFIED VLAN functionality with links to the forum threads that verify it.
thx p~, let me know how and if I can help in any way. My list of devices can be found here. _________________ Peacock Thread-FAQ -- dd-wrt Wiki
I was about to buy the 500gp, but went with the 520gu instead. I figured the chances of me wanting to use the usb 2.0 ports are slim to none since I have a server running 24/7. Nothing else but VLANs is truly needed at this time so I saved the $20.
Joined: 06 Feb 2010 Posts: 7401 Location: Little Rock
Posted: Mon Aug 02, 2010 1:42 Post subject:
Yes the wl520gU is no problems with VLANs whatsoever and very well worth the money, that or the rosewill is what i am now recommending over the WRT54G/GS/GL or Netgear WGR614L.
@ phuzi0n , i am currently checking some of my funds, i want to send you a WRT320N so you can do some further tests with VLANs, will PM you if this is success, which probably will be considering most times i just do stuff anyhow _________________ Wireless N Config | Linking Routers | DD-WRT Wiki | DD-WRT Builds | Peacock - Broadcom FAQ
Posted: Wed Aug 04, 2010 0:24 Post subject: Hey buddee.....or anyone
I received my Asus WL520-GU and think I'm all set to go, but would like to run the process by you first to verify.
1. I have, and will use, the Asus Recovery Utility.
2. I will first flash wl500g-clear-nvram.trx.
3. I will then flash wl500g-recover.trx.
3a. Or skip the above 2 files and go straight to step 4?
4. Flash dd-wrt.v24_mini_asus.trx from Brainslayer dated 2010-07-16 (r14815).
4a. Flash a USB-specific build as the mini_asus.trx build doesn't support USB?
5. I'm done!
I don't mean to be such a noob, but even the "cleaned up" guides are listed as outdated! Don't get me wrong here as I understand there is a lot to support and every wiki, even outdated, is better than no wiki!
Joined: 06 Feb 2010 Posts: 7401 Location: Little Rock
Posted: Wed Aug 04, 2010 0:35 Post subject: Re: Hey buddee.....or anyone
Nucleus111 wrote:
I received my Asus WL520-GU and think I'm all set to go, but would like to run the process by you first to verify.
1. I have, and will use, the Asus Recovery Utility.
2. I will first flash wl500g-clear-nvram.trx.
3. I will then flash wl500g-recover.trx.
3a. Or skip the above 2 files and go straight to step 4?
4. Flash dd-wrt.v24_mini_asus.trx from Brainslayer dated 2010-07-16 (r14815).
4a. Flash a USB-specific build as the mini_asus.trx build doesn't support USB?
5. I'm done!
I don't mean to be such a noob, but even the "cleaned up" guides are listed as outdated! Don't get me wrong here as I understand there is a lot to support and every wiki, even outdated, is better than no wiki!
My apologies but, I know nothing about using the Asus Recovery Utility, i always just TFTP flashed my asus units, TFTP has always just been easier for me and has always worked for me. I used this guide for flashing...
OK...I got everything going w/o any issues (though I didn't tackle VLANs yet). I was even successful getting my printer I have at work printing. I followed one of the guides specific to the 520GU and ran this command:
and create this cron job:
* * * * * root /jffs/watchprinter
which would monitor the print server and start it only when a printer was connected.
My question is how much, if any, of a performance hit am I taking by not using this script if a printer is not connected/turned on and should I really be using it? If I do use it would anyone know how fast the printer becomes available once turned on?
Joined: 06 Feb 2010 Posts: 7401 Location: Little Rock
Posted: Wed Aug 04, 2010 22:09 Post subject:
Nucleus111 wrote:
I figured the chances of me wanting to use the usb 2.0 ports are slim to none since I have a server running 24/7.
What happened man? Now your asking about printers that you use on the router USB port, what do you have to say for yourself? Just j/k :P
If you have it off then turn it back on, its about 5 seconds for it to 'fully' kick in. Oh and to make this even better, what i do with my wl520gu, is i hooked up a hub to mine and run "Optware, the right way" from a 2 Gig USB thumb, and also have a printer hooked on, and have a separate 160Gb HDD for storage purposes. Seems to work really well. OTRW already has a bunch of scripts in it, some for printers and automount etc, so it makes alot of this stuff very easy. _________________ Wireless N Config | Linking Routers | DD-WRT Wiki | DD-WRT Builds | Peacock - Broadcom FAQ
I figured the chances of me wanting to use the usb 2.0 ports are slim to none since I have a server running 24/7.
What happened man? Now your asking about printers that you use on the router USB port, what do you have to say for yourself? Just j/k
I meant for NAS storage purposes
buddee wrote:
If you have it off then turn it back on, its about 5 seconds for it to 'fully' kick in. Oh and to make this even better, what i do with my wl520gu, is i hooked up a hub to mine and run "Optware, the right way" from a 2 Gig USB thumb, and also have a printer hooked on, and have a separate 160Gb HDD for storage purposes. Seems to work really well. OTRW already has a bunch of scripts in it, some for printers and automount etc, so it makes alot of this stuff very easy.
OK, I'll run the script then.
I did look into "optware, the right way" but figured for my basic setup it isn't needed. What I probably will end up doing though is use the built in VPN server so I don't have to port forward to my server and authenticate there.
If I did want to use the USB port for storage, it would only be so I could put in a flash drive with work files for external access and then not allow any external access to the server. Would I need optware for that or just enable it under USB in DD-WRT?
Joined: 06 Feb 2010 Posts: 7401 Location: Little Rock
Posted: Wed Aug 04, 2010 22:32 Post subject:
Nucleus111 wrote:
If I did want to use the USB port for storage, it would only be so I could put in a flash drive with work files for external access and then not allow any external access to the server. Would I need optware for that or just enable it under USB in DD-WRT?
You do not have to have optware right way to do this. You would have to just enable it, but one word of somewhat warning to this, if its not on all the time, when you turn USB on, it'll reboot the router for the USB daemon to kick in, hot swappable drives was mentioned for add in support through dd-wrt, not sure if they ever implemented it yet, so... just letting you know, it will reboot. _________________ Wireless N Config | Linking Routers | DD-WRT Wiki | DD-WRT Builds | Peacock - Broadcom FAQ
So, if the drive is not plugged at the time the router is turned on it will reboot to recognize it, got it.
I'm not looking to dodge optware, just trying to follow the KISS rule as I don't need all of the other "tweakie" apps at this time :wink:
Joined: 06 Feb 2010 Posts: 7401 Location: Little Rock
Posted: Wed Aug 04, 2010 23:35 Post subject:
Nucleus111 wrote:
So, if the drive is not plugged at the time the router is turned on it will reboot to recognize it, got it.
I'm not looking to dodge optware, just trying to follow the KISS rule as I don't need all of the other "tweakie" apps at this time :wink:
...and buddee:
Thanks for ALL your help
Well the drive can be plugged in at the time the router is powered up, and usb off in dd-wrt, and it will be fine.
Its just when you enable through the webgui, then it'll reboot. what i do with it is, leave it on all the time, if i need to pull the drive, i do not disable USB through the Webgui, instead i just ssh in and do manual unmounts of whatever mnt point they have, once unmounted, i simply unplug the drive, do whatever i was gonna do, then re-plug drive whenever, ssh back in and manually mount them back to the points in which they were set. Seems to work well if you would have to do this procedure.
And no probs on the pointers for this unit, i like sharing what i have learned with it. Also on a side note, i know kinda late for this, i have sent someone a gigabit unit, they are gonna try to see if they can get some more clarity on this VLAN issue with gigabit switches as i simply do not have enough dedicated time for it, to much family/work stuff going cause of summertime. _________________ Wireless N Config | Linking Routers | DD-WRT Wiki | DD-WRT Builds | Peacock - Broadcom FAQ
as i simply do not have enough dedicated time for it, to much family/work stuff going cause of summertime.
That's why I appreciate all the help. With all of the work I do, a 3 yr. old, a 1 yr. old, and my wife my time is extremely limited and I know other people's is too. So I get it
OK...I'm back looking for help with my main concern: VLANS.
The goal is to set port 1 as VLAN2. VLAN2 is to have only Internet access and be completely blocked from accessing br0. br0 though should be able to connect to VLAN2.
What I did so far is (in the GUI) set the VLAN page so that port 1 was put on VLAN2. Question...when I telnet into the router and run the "nvram show | grep vlan.ports" command it still listed the original configuration; even after saving the GUI setup and rebooting. Why?
So, I ended up using these commands in telnet:
nvram set vlan0ports="2 3 4 5*"
nvram set vlan2ports="1 5*"
Another question...I understand that port5 is virtual, but what is the difference between "5" & "5*"?
The DHCP has been configured (in the GUI) under the Netwroking section and "Port Setup" has "Network Configuration vlan2" checked as "unbridged".
As of now, without any firewall rules, both subnets can ping each other. Whenever I try to add a command as simple as this under commands in the GUI and save as firewall:
iptables -I FORWARD -i vlan2 -o br0 -j DROP
pinging in both directions is dropped.
...So, how can I adjust my firewall rules to accomplish my goals?
What I did so far is (in the GUI) set the VLAN page so that port 1 was put on VLAN2. Question...when I telnet into the router and run the "nvram show | grep vlan.ports" command it still listed the original configuration; even after saving the GUI setup and rebooting. Why?
*shrug* I'm surprised by this. The vlan#ports variables seemed like the only thing the GUI got right, I guess not...
Nucleus111 wrote:
So, I ended up using these commands in telnet:
nvram set vlan0ports="2 3 4 5*"
nvram set vlan2ports="1 5*"
Another question...I understand that port5 is virtual, but what is the difference between "5" & "5*"?
It is explained at the bottom of the page. The asterisk signifies the default VLAN for any traffic that isn't tagged.
As of now, without any firewall rules, both subnets can ping each other. Whenever I try to add a command as simple as this under commands in the GUI and save as firewall:
iptables -I FORWARD -i vlan2 -o br0 -j DROP
pinging in both directions is dropped.
...So, how can I adjust my firewall rules to accomplish my goals?
You have to remember traffic flows both ways and your rule blocks anything from returning to br0 from vlan2. This will only drop new connections from vlan2 to br0.
iptables -I FORWARD -i vlan2 -o br0 -m state --state NEW -j DROP _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
