[Fixed] E3200 Build 18946 - Second vLAN has no internet

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
DarkKnight93
DD-WRT Novice


Joined: 28 Jun 2010
Posts: 40
PostPosted: Tue May 29, 2012 20:59    Post subject: [Fixed] E3200 Build 18946 - Second vLAN has no internet Reply with quote
Hellow (:

Due i flashed my new E3200 with current build 18946 i cannot get vLANS working properly.

On my older E2000 with 15946 or something like that it worked like charm :(

I want to seperate LAN Port 4 to vlan3 - and grant it only access to internet not to lan/other subnets.

Here's my config:

3.jpg
 Description:
Networking page with unbriged vlan3
 Filesize:  143.18 KB
 Viewed:  6004 Time(s)

3.jpg
2.jpg
 Description:
VLAN Setup
 Filesize:  142.24 KB
 Viewed:  6005 Time(s)

2.jpg
1.jpg
 Description:
Basic Setup
 Filesize:  189.63 KB
 Viewed:  6005 Time(s)

1.jpg


Last edited by DarkKnight93 on Wed May 30, 2012 7:48; edited 1 time in total
Back to top View user's profile Send private message
Sponsor
DarkKnight93
DD-WRT Novice


Joined: 28 Jun 2010
Posts: 40
PostPosted: Tue May 29, 2012 21:04    Post subject: Reply with quote
For DNS+DHCP services i use dnsmasq:

4.jpg
 Description:
^^
 Filesize:  44.77 KB
 Viewed:  6003 Time(s)

4.jpg
Back to top View user's profile Send private message
rocky13
DD-WRT User


Joined: 25 Apr 2008
Posts: 158
PostPosted: Wed May 30, 2012 0:18    Post subject: Reply with quote
You must enable Masquerade / NAT, you have it disabled. That will do the trick.
Back to top View user's profile Send private message
DarkKnight93
DD-WRT Novice


Joined: 28 Jun 2010
Posts: 40
PostPosted: Wed May 30, 2012 7:45    Post subject: Reply with quote
thanks for your reply (:

In fact enabling NAT for unbridged vlan3 did not result in havin internet access but here are my firewall-rules, that did the trick:

VLAN2=WAN
VLAN3=Detatched Network

#Internet Access
iptables -I FORWARD -i vlan3 -o vlan2 -m state --state NEW -j ACCEPT
#Network Access to br0 block
iptables -I FORWARD -i vlan3 -o br0 -m state --state NEW -j DROP
#Block Router Access
iptables -I INPUT -i vlan3 -m state --state NEW -j DROP
#Allow DHCP Access
iptables -I INPUT -i vlan3 -p udp --dport 67 -j ACCEPT
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum