jalil1408
DD-WRT Novice
Joined: 13 Apr 2015
Posts: 25
|
 Posted: Mon Apr 20, 2015 15:13 Post subject: Guest VAP with Internet Access? |
 |
Device : Linksys WRT54G v5.1
Firmware : DD-WRT v24-sp2 (07/22/09) micro - build 12548M NEWD Eko
I want to achieve this configuration:
WRT54G (AP : Private, VAP : Guest) --- Switch --- Firewall --- Internet
Q1 : Which port should I connect to the switch : WAN, 1, 2, 3 or 4?
Q2 : How should this figure:
Setup -> Basic Setup :
WAN Connection Type : Disables, DHCP,... ?
Assign WAN Port to Switch : Checked or Unchecked?
DHCP Server?
Setup -> Advanced Routing :
Operating Mode : Router or Gateway?
Q3 : What is the appropriate firewall?
I've already configure VAP and assign it to br1 with subnet 192.168.2.1/24.
AP and VAP both can get DHCP IP but only AP can access Internet.
I save this firewall but still no internet access on the VAP:
| Code: | iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr`
iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -I FORWARD -i br1 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -m state --state NEW -j DROP
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT |
|
|
