I have created 4 VLANs in the Switch Config tab (see attached screenshot) and then created VLAN1, VLAN2, and VLAN3 to be unbridged and specified separate subnets for each of them (192.168.10.1/24, 192.168.20.1/24, and 192.168.30.1/24).
On the Basic Setup tab, I specified the router IP address as 192.168.10.2/24
I can access the router using the 192.168.10.2 IP address on each VLAN except VLAN1 (192.168.10.1/24). Why is this? Does it matter? Should I just plan to access it using the 192.168.10.1 IP address instead (which does work).
I am trying to set up 3 VLANs. VLAN3 is "Home" and should be able to access the internet and devices on the other two. VLAN4 is "Guest" and should be able to access the internet but not the devices on the other two. VLAN5 is IoT; only one device (planning to reserve an IP address) should have internet access and should not have access to devices on the other two VLANs. A rough diagram is attached. I imagine I will need to do some research to configure some iptable rules to accomplish some of this.
Also attached are some updated screenshots of the switch config and networking tabs.
Thank you, does this VLAN configuration look correct? It seems that now the subnet mask I can see from my laptop now shows as 255.255.0.0 rather than 255.255.255.0 when I connect to the router via ethernet. Is this expected behavior? To be honest, I am not sure what VLAN1 does in this setup. I'm trying to follow a tutorial but don't quite understand how all the pieces work together.
Which setting on the Basic Set Up tag needs to be adjusted? I did not see a reference to br0 on that screen.
Many thanks for your willingness to help...I am clearly fumbling around a bit trying to figure this all out!
I misunderstood Per Yngve Berg's reply. After some further reading/testing the configuration in the screenshot below appears to work the way I want (at least as far as VLAN configuration). Please feel free to point out if I am overlooking anything fundamental.
What does the CPUPORT checkbox signify? I believe I need to select it for all VLANs except VLAN0. Is that right?
A VLAN 3 is added in the example (maybe use it as your guest network)
VLAN3 is connected to port4 and a virtual WLAN.
all required settings are shown, the settings that are not shown are the default settings
Once again, VLAN1 is your regular LAN.
VLAN1 is bridged with br0 and wlan0 and wlan1
All LAN ports are normally VLAN1!
There is absolutely no plausible reason to change this (especially in your case - and I bet you don't even know why you want to change it)
It is best to reset the router to the factory settings and start from scratch - it's not that difficult to adopt the 10 settings from the linked quick start guide.
And next time please post the complete configuration and screenshots of "basic setup" "networking" and "switch config"
as I said, you are configuring bullshit
a VLAN1 that has no ports
a VLAN3 that is in the same address range as br0/vlan1
etc
and since you obviously have no idea what you are doing, I would start with small steps before you reconfigure everything incorrectly
and unfortunately, based on the information you have provided, i have no idea what exactly you want to configure
you say you want to configure 3x VLANs (home, guest, IoT)
two VLANs for WAN and regular LAN are already preconfigured on the router
home = regular LAN?
As recommended, I have done a factory reset and started over. Attachments of all recommended screens are below.
I have followed the suggested instructions making some slight modifications. Namely, the addition of another VLAN and different subnet ranges.
Additional details about my configuration plans:
I intend for WAN access to be provided by an ISP provided gateway set to "bridge" mode. I have not made these changes yet since I did not want to interfere with the day to day uses of the home wifi until I successfully configured the new router.
I intend to connect a switch directly to the VLAN1 port and eventually turn off the wireless radios on the dd-wrt router.
I intend to connect an access point to VLAN3 and then utilize a combination of the AP wireless connectivity and ethernet ports.
I intend to connect an access point and a POE Switch to the two ports assigned to VLAN4 and plan to utilize both the wireless and ethernet connections for devices.
One switch is the TL-SG108E (which I understand to be managed) and the POE switch is the TL-SG1210MP (I don't necessarily think it is managed). I was hoping that "dumb" switches could be used behind the router and the router itself would take care of the VLAN separation. Is that line of thinking incorrect?
