GH0 DD-WRT User
Joined: 05 Dec 2008 Posts: 249
Posted: Sun Jan 08, 2012 4:28 Post subject: WAP with multiple SSID's unable to pass traffic
Yes, I know, another thread. I spent yesterday and today going through all of my networking stuff, upgrading it and reworking it.
Basic explanation of my network:
Primary Router - DHCP Server
Internal LAN/WLAN - 10.10.10.1
Secondary Router - WAP with WAN port disabled.
Internal LAN/WLAN - 10.10.10.2
Guest network WLAN - 10.10.11.1
Anyways I have a WRT54GS with the following release version:
DD-WRT v24-sp2 mega (c) 2011 NewMedia-NET GmbH
Release: 12/08/11 (SVN revision: 17990)
This is a VINT build and the corerev is 7, so there shouldn't be any issue running the second SSID.
I have a WAP that is set up as described in the Wireless Access Point wiki ( http://www.dd-wrt.com/wiki/index.php/Wireless_Access_Point ) and I also followed the Multiple WLAN wiki ( http://www.dd-wrt.com/wiki/index.php/Multiple_WLANs ). Afterwards, I attempted to ping Yahoo or 10.10.10.1 (my primary router's IP address). I was unable to do either; it would jump between "request timed out" and "destination host unreachable" for both the Yahoo IP and the 10.10.10.1 address. I was able to successfully ping 10.10.11.1, however.
Right now, I am just trying to successfully ping outside the local network, so I can reach the internet. I have tried several different firewall scripts:
Code:
iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT
As well as:
Code:
iptables -I FORWARD -i br1 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -m state --state NEW -j DROP
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`
iptables -I INPUT -i br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT
I had asked on an IRC channel if anyone had experience with it, and someone did, so I had an extensive private message exchange with them.
http://pastebin.com/RXVFrYCU
dmesg output from the pastebin:
http://pastebin.com/kpcxYkUi
I have tried moving it to a LAN port instead, and changed the firewall commands up, and it still failed to work.
It seems to be a routing issue, but I can't exactly figure out what the routing issue is.
The entire configuration for the Wireless Access Point is displayed here:
http://imgur.com/a/7bNK4#6
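The second script in the post depends on `iptables -I` placing each new rule at the top of its chain, so the DHCP and DNS accepts end up above the guest DROP. The following is an added example, not part of the original post: a small Python model of that ordering, with the `nvram` lookups replaced by the access point's 10.10.10.2 address from the post and an assumed 255.255.255.0 netmask, evaluated against constructed sample packets.

```python
import ipaddress
import shlex

# Second script from the post. The nvram lookups are replaced by the access
# point's LAN address given in the post and an ASSUMED 255.255.255.0 netmask.
SCRIPT = """\
iptables -I FORWARD -i br1 -d 10.10.10.2/255.255.255.0 -m state --state NEW -j DROP
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to 10.10.10.2
iptables -I INPUT -i br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT
"""

# Match options the script uses; each takes (rule value, packet dict).
MATCH = {
    "-i": lambda v, p: p["in"] == v,
    "-p": lambda v, p: p["proto"] == v,
    "--dport": lambda v, p: str(p["dport"]) == v,
    "--state": lambda v, p: p["state"] == v,
    "-d": lambda v, p: ipaddress.ip_address(p["dst"]) in ipaddress.ip_network(v, strict=False),
}

def load(script, prepend=True):
    """Build {(table, chain): [rules]}. -I prepends; prepend=False models -A."""
    chains = {}
    for line in script.splitlines():
        tok = shlex.split(line)[1:]             # drop the "iptables" word
        rule = dict(zip(tok[0::2], tok[1::2]))  # every option here is a flag/value pair
        chain = chains.setdefault((rule.get("-t", "filter"), rule["-I"]), [])
        chain.insert(0 if prepend else len(chain), rule)
    return chains

def verdict(chains, chain, pkt):
    """Target of the first matching filter rule, else 'fall through'."""
    for rule in chains.get(("filter", chain), []):
        if all(MATCH[k](v, pkt) for k, v in rule.items() if k in MATCH):
            return rule["-j"]
    return "fall through"  # packet continues to the rules already in the chain

# Constructed sample packets arriving on the guest bridge br1.
DHCP = {"in": "br1", "proto": "udp", "dport": 67, "state": "NEW", "dst": "255.255.255.255"}
SSH_TO_AP = {"in": "br1", "proto": "tcp", "dport": 22, "state": "NEW", "dst": "10.10.11.1"}
TO_LAN = {"in": "br1", "proto": "tcp", "dport": 80, "state": "NEW", "dst": "10.10.10.1"}
TO_WAN = {"in": "br1", "proto": "tcp", "dport": 80, "state": "NEW", "dst": "203.0.113.10"}

if __name__ == "__main__":
    c = load(SCRIPT)
    for name, ch, p in [("DHCP", "INPUT", DHCP), ("SSH", "INPUT", SSH_TO_AP),
                        ("LAN", "FORWARD", TO_LAN), ("WAN", "FORWARD", TO_WAN)]:
        print(name, verdict(c, ch, p))
```

Calling `load(SCRIPT, prepend=False)` models the same rules added with `-A` instead, where the guest DROP would be evaluated before the DHCP and DNS accepts.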