Posted: Sun May 13, 2018 22:02 Post subject: Best way to get my network done
Hi,
Im new to dd-wrt, just flashed over my netgear r7000 (gateway) and my TP link archer c7 (AP).
After messing around with some settings im pretty sure i will keep this software on my router.
Anyway im struggling with VLAN.
I want 2 SSID's, one called shadownet, and shadownet gasten(guest).
First i was using the wireless tab make virtual interfaces and set them unbridges. As i wanted 2.4 and 5 Ghz on a singular ssid i couldnt use this method. (i then had 2 DHCP on the same subnet).
So my search continued and i follow a few guide, concluding that i created a bridge (br1), added those 2 virtual ssids to it and create a single dhcp on the br1.
That works,, sure but its not real vlan which i would like to have.
This is also fine for me but now the real struggle i now have it on the AP. how to set VLAN to upstairs access point en continue the 2 seperate SSIDs?
I uploaded some screenshots to get a better idea what my config current is.
Thank you!
EDIT: Do i need to assign a extra bridge? br 1 to vlan0?, then put vlan0 on port 4 from gateway to the access point?
and then create ssid id same way on the gateway?
what youre saying is correct with my needs. Altough id like to allouw a few devices to the .2 guest network, such as my home cinema set that is set on the .1 data network and my chromecast also. This needs to be done with some kind of iptables. Need to figure this out. From what i have learned is that from ap1 to ap2 there should be vlan untagged on 0 and tagged on 1 (subnet 2)
thank you for the confirmation, perhpas you could help me with the iptables
VLANs are *only* relevant to wired ports. They have nothing to do w/ wireless. So unless it's your intent to add wired ports to the new bridge (br1), VLANs are irrelevant. What you've done so far, assuming you only need wireless for the guest network, is sufficient and correct.
The only other complication I see (and which you seem to allude to) is wanting to extend that guest network to another AP. I assume that AP is hardwired to (LAN to LAN) wrt the primary router.
Most guest networks don't need to share the same ethernet network, given they're only accessing the internet and not communicating w/ each other (at least that's not typical). So you can simply define guests VAPs on the second AP, just like you did on the primary router. However, those guests will need to be routed over the primary network (br0) so they can reach the WAN of the primary router. The dd-wrt multiple WLAN wiki explains the slight differences in these two configurations and the firewall changes necessary to make it work (the most important being to NAT the guest network over the LAN (br0) rather than WAN).
Normally, in a enterprise solution, you set untagged 0 and tagged 2 (subnet 2) 10.3.2.x to a port, on the other end (ap) you do the same, then when i create a wifi on the ap you set the tag on the guest network.
Cause when i will make the AP same as the main router i need an extra dhcp right? how does it pick the ip adress from the dhcp in the main router?