WAP with multiple SSID's unable to pass traffic

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
GH0
DD-WRT User


Joined: 05 Dec 2008
Posts: 249
PostPosted: Sun Jan 08, 2012 4:28    Post subject: WAP with multiple SSID's unable to pass traffic Reply with quote
Yes, I know another thread. I went through yesterday and today going through all of my networking stuff and upgrading it, and reworking it.

Basic explanation of my network:

Primary Router - DHCP Server
Internal LAN/WLAN - 10.10.10.1

Secondary Router - WAP with WAN port disabled.
Internal LAN/WLAN - 10.10.10.2
Guest network WLAN - 10.10.11.1

Anyways I have a WRT54GS with the following release version:
DD-WRT v24-sp2 mega (c) 2011 NewMedia-NET GmbH
Release: 12/08/11 (SVN revision: 17990)
This is a VINT build and the corerev is 7, so there shouldn't be any issue running the second SSID.

I have a WAP that is setup as followed by the Wireless Access Point wiki ( http://www.dd-wrt.com/wiki/index.php/Wireless_Access_Point ) and also followed the Multiple WLAN wiki ( http://www.dd-wrt.com/wiki/index.php/Multiple_WLANs ). Afterwards, I attempted to ping yahoo or 10.10.10.1 (my primary router's ip address). I was unable to do both, it would jump between "request timed out" and "destination host unreachable" for both the yahoo ip, and the 10.10.10.1 address. I was able to successfully ping 10.10.11.1 however.

Right now, I am just trying to successfully ping outside the local network, so I can reach the internet. I have tried several different firewall scripts:

Code:

iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT


As well as:
Code:

iptables -I FORWARD -i br1 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -m state --state NEW -j DROP
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`
iptables -I INPUT -i br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT




Had asked on an IRC Channel if anyone had experience with it, and someone did so I had a extensive private message with them.
http://pastebin.com/RXVFrYCU

dmesg output from the pastebin:
http://pastebin.com/kpcxYkUi

I have tried moving it to a LAN port instead, and changed the firewall commands up, and it still failed to work.

It seems to be a routing issue, but I can't exactly figure out what the routing issue is.

The entire configuration for the Wireless Access Point is displayed here:
http://imgur.com/a/7bNK4#6
Back to top View user's profile Send private message
Sponsor
GH0
DD-WRT User


Joined: 05 Dec 2008
Posts: 249
PostPosted: Mon Jan 09, 2012 3:09    Post subject: Reply with quote
Going to give this a bump. On the upside, asiablock started working, only had to reinstall everything.
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum