Guest SSID with diffrent VLAN

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
jalil1408
DD-WRT Novice


Joined: 13 Apr 2015
Posts: 25
PostPosted: Mon Apr 13, 2015 7:52    Post subject: Guest SSID with diffrent VLAN Reply with quote
I'm using Linksys WRT54G v5.1 with DD-WRT v24-sp2, and I have this configuration:

WRT54G(192.168.1.2/24) --- Switch(192.168.1.0/24) --- Firewall --- Internet

How to configure DD-WRT to use the WRT54G as an Access Point with two SSIDs (Internal and Guest) in different VLANs?

The Internal SSID has to be in the same local subnet (192.168.1.0/24) and the Guest SSID has to be in the 192.168.2.0/24 subnet.

The Guest SSID can connect to the Internet but cannot connect to the local network.

How should I configure the DHCP server for the two SSIDs?
Back to top View user's profile Send private message
Sponsor
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6867
Location: Romerike, Norway
PostPosted: Mon Apr 13, 2015 8:23    Post subject: Reply with quote
Do you need the Guest VLAN on the switch or only for the AP?

1) Create a second SSID and unbridge it. Set an ip address for the second network.
Create a new dhcp server that serves the new network.
Use iptable to block from this network to the main netwrok.

2) Create a tagged VLAN trunk between the switch and the dd-wrt router. Create a new bridge br1 and assign the new vlan and the guest ap.

http://www.vspecialist.co.uk/creating-vlans-in-dd-wrt-part-1/
Back to top View user's profile Send private message
jalil1408
DD-WRT Novice


Joined: 13 Apr 2015
Posts: 25
PostPosted: Mon Apr 13, 2015 9:10    Post subject: Reply with quote
I need the Guest VLAN for the switch and the firewall.

What about setting up the configuration using the Web GUI?
Back to top View user's profile Send private message
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6867
Location: Romerike, Norway
PostPosted: Mon Apr 13, 2015 9:29    Post subject: Reply with quote
The GUI is not reliable for setting up the VLAN.
Back to top View user's profile Send private message
jalil1408
DD-WRT Novice


Joined: 13 Apr 2015
Posts: 25
PostPosted: Mon Apr 13, 2015 10:47    Post subject: Reply with quote
My WRT54G v5.1 gives :

Code:
nvram show | grep vlan.*ports
-----------------------------
vlan0ports=3 2 1 0 5*
vlan1ports=4 5

nvram show | grep port.*vlans
-----------------------------
port0vlans=1 18 19
port1vlans=0 18 19
port2vlans=0 18 19
port3vlans=0 18 19
port4vlans=0 18 19
port5vlans=0 1 16

nvram show | grep vlan.*hwname
------------------------------
vlan1hwname=et0
vlan0hwname=et0


I wonder why vlan.*ports associates port4 with vlan1 while port.*vlans associates vlan1 with port0 !!!
So what is the correct WAN port and how to make it tagged with vlan0 and vlan1 so I will be able to connect it to the switch?

I want to reach this configuration :
vlan0 for wl0
vlan1 for wl0.1
br0 connects eth0, vlan0
br1 connects wl0.1, vlan1
Back to top View user's profile Send private message
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6867
Location: Romerike, Norway
PostPosted: Mon Apr 13, 2015 11:15    Post subject: Reply with quote
vlan1 is the wan, so you cannot use it.

Make a new vlan2

Code:
set vlan2hwname="et0"
set vlan0ports="3t 2 1 0 5*"
set vlan2ports="3t 5"

set port3vlans="2 18 19 20" /*This only configures what is shown in the GUI */


Assign vlan2, wl0.1 with br1 in the GUI.

Connect the switch to the port closest to the WAN Port.
Configure tagged vlan in the switch.
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum