Posted: Tue Feb 17, 2015 21:25 Post subject: 802.1Q AP 2 wifi vlan tagging help
I'm hoping someone can help, my googlefoo has failed me and no ammount of dd-wrt wiki's have been able to assist me in getting two wireless vap's up properly tagged. Here is my setup
dhcp servers setup and configured for both lans
tagging enabled on the switch port connected to the dd-wrt's WAN port to provide trunk access to vlan 2 and 10
Goal -
I want the dd-wrt to pass through wifi access on two differen't SSID's to the proper vlan on the switch. All of my current attempts funnel it into vlan 2 and vlan10 never see's any traffic
I have my dd-wrt configured to not obtain an ip - i have statically set it to be on the network, and checked the box to have the WAN port on the switch.
Under Vlan vlan 2 is checked for WAN and tag is selected for it > bridge assigned to lan. Ports 1-4 are checked for vlan 10 > no bridge assignment
under networking i have tried everything to my wits end to no avail. It is currently set at w0.1 tagged to vlan 10
br1 is set to 192.168.2.1 (router / switch is configured for 7.0.20.1/24) with DHCP enabled down at the bottom for br1 with vlan10 and wl0.1 in the bridge group.
currently i can't even get a dhcp address for the SSID with those settings following the stock guide.
I did use that one and it unfortunately didn't resolve the issue. That said i was on the brainslayer build that i referenced above and it was having issues staying up and connected to wifi so i changed to a different kong build that has been much more stable. The issue really isn't getting two WLANS up it is that it isn't getting tagged properly when moving outside the router aka to the ubiquiti switch.
Now that I know how it works, I can configure it in a couple of minutes.
I did not use the WebUI when it comes to VLAN tagging.
My Setup:
Asus RT-N66U with dd-wrt
Wifi Standard - not tagged VLAN1
Wifi Guest - tagged to VLAN4
Netgear GS108Ev2 Switch
The most important part is to check, which LAN Port belongs to which Port in the CLI. I have a E4200 Linksys, and there everything is mixed up. On my Asus, the LAN Port 3 is also Port 3 in the CLI. But you really need to check this first (try google).
Now it is time to configure the Wifi, create a new bridge using WebUI.
1. Wifi
Create a default Wifi, using 2,4Ghz and or 5 Ghz. Also create a virtual Wifi on each radio, using the WebUI. Standard, also don't forget encryption
2. create Bridge br1 (Setup / Networking)
Assign an IP Address to br1
3. Assign vlan4 and wl0.1 (2,4ghz) and wl1.1 (5ghz) to the Bridge br1
4. Reboot.
Now you are done with the basic setup. DHCP is not configured, also you need a default gateway / firewall to get out.
But to make it simple. Assign the LAN 4 Port to your switch VLAN1 untagged and VLAN4 tagged.
Use another Port on the same Switch, use VLAN4 untagged.
Try to connect using Wifi and assign a static IP. Connect your Laptop to switch on the VLAN4 Port untagged.
Now you should be able to ping the dd-wrt Router and your Phone (connected by Wifi).
If you get to this point, let me know and we figure out, how we can proceed.
i greatly appreciate the help. Here is what i have per your instructions w/ my data, which still isn't working. Regular wifi (vlan2) works fine and picks up dhcp without issue, vlan10 no go.
Edgemax router > Edgeswitch #vlan 2(data / reg wifi) include untagged & vlan 10(guestwifi) include tagged >Netgear Nighthawk R7000 DD-WRT v24-sp2 (08/15/14) kongac - build 24865M (pure passthrough for wifi only no dhcp)
I am going through the similar issues here. Sorry not to hijack the thread.. but this might help everyone in the end.
I have a Netgear WNAP210. With 2 SSID. One for LAN+Inet access and one for Guest Inet Only access. I have a TL-SG2424 switch. and a WZR-D1800H on DD-WRT.
right now.. the way I want to is not working like how it is working now.
1) SSID for LAN+Inet.. only Inet works, it's isolated to the LAN - this is all untagged
2) SSID for Guest. nothing works. DD-WRT can't send a DHCP IP to any client on the Guest SSID. - tagged as VLAN 5
The Netgear WNAP210 is on the TL-SG2424 port 7, and I have port 7 tagged at VLAN5 and the rest as "notmember" and port 23 is where the DD-WRT is at, and that is set to untagged for VLAN5
And finally, the DD-WRT does have Multi WLAN setup and it works just fine.
Last edited by mbze430 on Wed Feb 25, 2015 21:00; edited 2 times in total
2) i can create one but i already have dhcp set on the main router (not dd-wrt) to provide it. When i do enable it on the dd-wrt router it still doesn't work. When it gets created and assigned to br1 it still won't pull an IP.
