Posted: Wed Mar 22, 2017 17:35 Post subject: 2nd Guest Network problem - can't connect
I've recently installed DD-WRT 31571 on my Archer C7 (fyi, I find this to be much nicer than the OEM FW and much easier to use than LEDE).
I've followed the instructions to set up two guest networks, one each on the 2.4 and 5 GHZ radios. I've set up each on their own bridge and turned on the DHCP server for each.
I can connect and use the 2.4GHZ radio but can't connect to the 5GHZ radio. I've tried multiple configurations including unabridged AP isolation but get the same result each time.
If anyone can point me in the right direction I'd be thankful.
I'll continue to look through the forums to see if I can resolve this.
Do you have both guest networks on different subnets?
Yes - one's on 192.168.2.1/24 and the other's on .3.1/24. I can connect to and use the first one (which is on the 2.4 radio). I can't connect to the second one (which is on the 5 radio).
Do you have both guest networks on different subnets?
Yes - one's on 192.168.2.1/24 and the other's on .3.1/24. I can connect to and use the first one (which is on the 2.4 radio). I can't connect to the second one (which is on the 5 radio).
Does it broadcast?
Tries connect but no IP address?
Just don't connect at all???
Does it broadcast? - yes both do
Tries connect but no IP address? - tried connecting but won't connect at all (on the second one, the first connects just fine)
Just don't connect at all??? - correct
Rather than me asking a ton of questions why don't we just see what its doing.
telnet / ssh / or I reckon if you want can run from Adminstartion page - command tab
Run these one at a time and copy what they return.
Don't have to include any static DHCP leases from dnsmasq.conf
Might be a bit of tangle w/ath1.1 & br2 * br1
I would highly recommend do away with the br1 & br2.
Best way to do it right would be reset router and start over.
If you got a ton of static leases setup and a backup nvram that don't have the guest networks you could start there.
If you don't want to reset then delete both added DHCP, save & apply.
Delete assigned bridges..save
Delete br1 & br2..save & apply setting
reboot router and follow ---
Set guest up using the unbridged section in wireless settings. It has all been working very well for a while now.
http://www.dd-wrt.com/wiki/index.php/Guest_WiFi_%2B_abuse_control_for_beginners
Pics on right side of that page are handy.
Net isolation works fine and will keep guest off main network plus they cannot access the router.
No need to add any firewall rules --- is done for you.
If you need to access a server / printer / or something on main LAN from guest network you can add rule for that ... just ask.
Your link is to the first method I tried. When it didn't work, I then tried the bridge method. My apologies for not mentioning that earlier.
With the unbridged method, I get similar but worse results. I can connect fine to ath0.1 but can't connect to ath1.1. Also, once I've got the 2nd DHCP set up for ath1.1, then my WAN won't connect. In both cases, I can see the two VAPs from my home laptop but can only connect to ath0.1.
Not that I think this is it, but can I confirm that when setting up my multiple DHCPs, I ONLY add for the VAPs and NOT for the AP?
Your link is to the first method I tried. When it didn't work, I then tried the bridge method. My apologies for not mentioning that earlier.
With the unbridged method, I get similar but worse results. I can connect fine to ath0.1 but can't connect to ath1.1. Also, once I've got the 2nd DHCP set up for ath1.1, then my WAN won't connect. In both cases, I can see the two VAPs from my home laptop but can only connect to ath0.1.
Not that I think this is it, but can I confirm that when setting up my multiple DHCPs, I ONLY add for the VAPs and NOT for the AP?
yea DHCP is setup for br0 which should cover everything.
You just add DHCP for the VAP.
I haven't use the Archer C7 so I am limited what else I can say. Must be something specific with it.
I assume you have done a proper 'erase nvram' / reset sometime recently???
You might try newest build 31722.
Did this conf work on any previous build?
31722 and many builds back guest network work fine for me. I run both ath0.1 & ath1.1 on the WNDR3700v4 & the EA8500.
Hope someone knows about the Archer C7 can tell you more.
EDIT: I just don't get your Chain FORWARD with eth0
Is eth0 the WAN on those routers???
Everything I have is either
vlan1 or eth0 = LAN
vlan2 or eth1 = WAN
oh well...
Last edited by mrjcd on Thu Mar 23, 2017 0:09; edited 1 time in total
I gave this a try on ath1.1 and though there's a slight difference in the connecting, the net is that I still can't connect on this VAP.
FYI, the slight difference is that without these settings, when I try to connect from my (win10) laptop, I get a message similar to "can't connect" after about 5-10 seconds. With these settings in place on ath1.1, I get no such message, just stuck at "trying to connect".