[spaceghost]

I've spent the last 4 hours trying to get this to work and reading lots of wikis and posts and I'm still stuck.

I have an RT-AC3200 and I have just gotten fibre installed and I can connect to my ISP using a windows laptop with windows pppoe dialer and manually setting the NIC to VLAN 10 (which is the required VLAN tag for my ISP in New Zealand - and many ISPs here use VLAN 10 tagging for fiber).

However, I am on Kong's latest build and I've tried going to Setup>Networking and under tagging I've clicked Add and then tried applying Tag Number 10 to vlan2 and then setting the wan to port assignment to the newly generated vlan2.10.

This seems like it should work, but I have had no luck whatsoever. I also tried tagging eth0 to eth0.10 and that didn't work either.

I'm completely stumped. Given that the Setup>VLANs tab shows the wan on vlan2 and the lan ports on vlan1 it seems that tagging vlan2 (wan port) with Tag Number 10 is right approach...but...yeah....no love.

I also tried using the 'Tagged' swith in the VLANs tab for the WAN port, but that had no effect either.

currently the grep output looks like this:

root@DD-WRT:~# nvram show | grep vlan.*ports | sort
size: 45667 bytes (85405 left)
vlan0ports=5
vlan1ports=0 1 2 3 5*
vlan2ports=0 5u
root@DD-WRT:~# nvram show | grep port.*vlans | sort
size: 45667 bytes (85405 left)
port0vlans=2 18 19 21
port1vlans=1 18 19 21
port2vlans=1 18 19 21
port3vlans=1 18 19 21
port4vlans=1 18 19 21
port5vlans=1 2 16
root@DD-WRT:~# nvram show | grep vlan.*hwname | sort
size: 45667 bytes (85405 left)
vlan1hwname=et0
vlan2hwname=et0

[mache]

VLAN tagging is defined by the Setup, Networking page at the top. I would recommend that you state that VLAN2 be tagged to be 10 there.

[slice1900]

You don't want to "tag vlan2 to be 10". If you do that, you are double tagging. Double tagging has its uses, but isn't what you need here. You want to use vlan10 and tag it, so what you need is:

vlan10hwname=et0
port0vlans=10 16 (you can add 18 19 21 but they don't matter)
vlan10ports=0t 5

You will also need to set the various WAN variables to vlan10, so that WAN firewall rules come up with vlan10. I'm not sure why there are so many, but better safe than sorry so set these all to vlan10 (and after rebooting check iptables to make sure vlan10 is being used for WAN related firewall rules and vlan2 does not show up anywhere)

wan_ifname
wan_ifnames
wan_iface
wan_default

[mache]

Tagging is different from the specific VLAN number. Tagging allows the multiplexing of multiple VLANs over a single media channel like Ethernet. The top of the Setup, Networking page has a way to set tags on specific VLANs. I use this feature to multiplex two VLANs over Ethernet to another access point where they are then de-muxed.

[spaceghost]

Thank you both for your help. I got it working with this information and also some more info in this post

https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1148212#1148212

Still seeing some weirdness in the web gui with the VLANs and bride assignment though. I've raised that issue in the other post, but if you have any thoughts that would certainly be appreciated.

I'm not sure how to properly check iptables though for the WAN and vlan? My connection is up and running and seems ok, but I'd like to make sure everything is 'proper'