Having fun with WAP, VAP, VLAN and OpenVPN client

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 11463
Location: Netherlands
PostPosted: Fri Dec 20, 2019 13:15    Post subject: Having fun with WAP, VAP, VLAN and OpenVPN client Reply with quote
This one is for the holidays if you are bored Smile

I have written down a setup I recently made with two routers, one setup as a WAP, with a combined VLAN between the routers with VAP's on that VLAN and an Open VPN client on the WAP using DNSMasq for Policy Based routing.

A nice showcase of what is possible.

I am no VLAN expert so cannot answer your questions about VLAN's

Just use the wiki it is all there:
https://wiki.dd-wrt.com/wiki/index.php/Switched_Ports

DDWRT Having Fun with VAPs, WAPs, VLANs, Bridges and OpenVPN client.pdf
 Description:
Have fun

Download
 Filename:  DDWRT Having Fun with VAPs, WAPs, VLANs, Bridges and OpenVPN client.pdf
 Filesize:  473.59 KB
 Downloaded:  1444 Time(s)

_________________
Routers:Netgear R7800, R7000, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top View user's profile Send private message
Sponsor
jtbr
DD-WRT Novice


Joined: 09 Mar 2017
Posts: 44
PostPosted: Wed Jan 15, 2020 11:31    Post subject: Reply with quote
Thank you for this. With your help I now have a very similar setup working, with a WAP and 4 VAPs on both routers, connected using a vlan trunk. I'm also using openvpn, but in my case on router 1 (connected to the WAN) in my configuration, also successfully. This means I have no need for the firewall on router 2.

I would not have thought to use the .2 address in the bridges. Also insightful.

Thanks again
Back to top View user's profile Send private message
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 11463
Location: Netherlands
PostPosted: Wed Jan 15, 2020 12:04    Post subject: Reply with quote
You are welcome, was fun setting it up and so I shared it with the community in the hope it would help and inspire my fellow DDWRT users Very Happy
_________________
Routers:Netgear R7800, R7000, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top View user's profile Send private message
tinkeruntilitworks
Guest
PostPosted: Wed Jan 15, 2020 12:46    Post subject: Reply with quote
i'm subscribing to this thread so i can check this out later

thanks for posting

i haven't tried anything like this before
Back to top
mache
DD-WRT User


Joined: 11 Apr 2010
Posts: 308
Location: San Francisco Bay Area
PostPosted: Wed Jan 15, 2020 17:21    Post subject: Reply with quote
I did something similar 5.5 years ago. Here is the link: https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=907313#907313
Back to top View user's profile Send private message
SimonB27
DD-WRT Novice


Joined: 30 Dec 2021
Posts: 1
PostPosted: Mon Jun 20, 2022 13:06    Post subject: Reply with quote
mache wrote:
I did something similar 5.5 years ago. Here is the link: https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=907313#907313


And that post is still really valuable now seven years later. I had my guest wifi and home wifi operating through my main router and two separate access points elsewhere in the house which needed VLANs to pull off. It all worked for ages and then I replaced some hardware and forgot how to do it!!!

Your post is still the go-to reference work

Thanks
Back to top View user's profile Send private message
mache
DD-WRT User


Joined: 11 Apr 2010
Posts: 308
Location: San Francisco Bay Area
PostPosted: Mon Jun 20, 2022 18:43    Post subject: Reply with quote
Appreciate the shout out.

Thank you.

For my R7000, running DD-WRT v3.0-r46885 std (06/05/21, I updated the configuration with the new VLAN commands:

For my main router, I placed these commands in Administration, Commands, Firewall:

Code:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 3 4t 5t"
swconfig dev switch0 vlan 2 set ports "0 5"
swconfig dev switch0 vlan 3 set ports "4t 5t"
swconfig dev switch0 set apply

For the WAPs you need to apply these commands in Administration, Commands, Firewall so the VLANs match up to the main router. In this configuration, the WAN Ethernet port receives VLAN1 and VLAN3 tagged network traffic.

Code:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "0t 1 2 3 4 5t"
swconfig dev switch0 vlan 2 set ports "5"
swconfig dev switch0 vlan 3 set ports "0t 5t"
swconfig dev switch0 set apply
Back to top View user's profile Send private message
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 5687
Location: UK, London, just across the river..
PostPosted: Mon Jun 20, 2022 20:45    Post subject: Reply with quote
mache wrote:
Appreciate the shout out.

Thank you.

For my R7000, running DD-WRT v3.0-r46885 std (06/05/21, I updated the configuration with the new VLAN commands:

For my main router, I placed these commands in Administration, Commands, Firewall:

Code:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 3 4t 5t"
swconfig dev switch0 vlan 2 set ports "0 5"
swconfig dev switch0 vlan 3 set ports "4t 5t"
swconfig dev switch0 set apply

For the WAPs you need to apply these commands in Administration, Commands, Firewall so the VLANs match up to the main router. In this configuration, the WAN Ethernet port receives VLAN1 and VLAN3 tagged network traffic.

Code:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "0t 1 2 3 4 5t"
swconfig dev switch0 vlan 2 set ports "5"
swconfig dev switch0 vlan 3 set ports "0t 5t"
swconfig dev switch0 set apply


just to add for those readers that will follow the thread, different routers have different port ley out...
so those commands are strictly for this router..R7000

also mache if you price security you better update your old build...it has security holes and unpatched binaries and services...last build so far 49268..
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 51741 WAP
TP-Link WR1043NDv2 -DD-WRT 52054 Gateway/DoT DNS,AP Isolation,Ad-Block,Firewall,Forced DNS,VPN,VLAN
TP-Link WR1043NDv2 -DD-WRT 52148 Gateway/DoT DNS,Ad-Block,Firewall,Forced DNS,x3 VLAN(no-wifi)
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 52148 Gateway/DoT DNS,AD-Block,AP&Net Isolation,x3 VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 52095 Gateway/StubbyDoT/DNS,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 ---DD-WRT 52148 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3 VLAN,VPN (no-wifi)
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum