jackmacking DD-WRT Novice
Joined: 03 Sep 2021 Posts: 1
|
Posted: Fri Sep 03, 2021 7:10 Post subject: [SOLVED] Netgear Xr-500 help with per port vlan setup |
|
Okay, so just a quick warning: I am completely new to dd-wrt, so I have a very limited understanding of how this all works.
Netgear XR500
DD-wrt v3.0 r47282
My goal is to create 3 separated vlans:
- vlan10 - 192.168.10.1/24 - port 2
- vlan20 - 192.168.20.1/24 - port 3
- vlan30 - 192.168.30.1/24 - port 4
(later I want to add different wlans to each vlan)
I've been following these guides with little success:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=328057&highlight=xr500
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=313472
Start commands:
Code: | swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 5t 6"
swconfig dev switch0 vlan 2 set ports "0 5"
swconfig dev switch0 vlan 10 set ports "2 5t 6t"
swconfig dev switch0 vlan 20 set ports "3 5t 6t"
swconfig dev switch0 vlan 30 set ports "4 5t 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
vconfig add eth1 20
vconfig add eth1 30
ifconfig eth1.10 192.168.10.1 netmask 255.255.255.0
ifconfig eth1.20 192.168.20.1 netmask 255.255.255.0
ifconfig eth1.30 192.168.30.1 netmask 255.255.255.0 |
How I think this works:
Code: | swconfig dev switch0 vlan 10 set ports "2(port) 5t(wan) 6t(cpu?)" |
Network Configuration eth1.x: (for each vlan)
Code: | Bridge Assignment: Unbridged
Multicast forwarding: Disable
Masquerade / NAT: Enable
Filter WAN NAT Redirection: Disable
Net Isolation: Enable
Forced DNS Redirection: Disable
IP address: 192.168.x.1/24 (where x is the vlan number) |
Multiple DHCP server: (for each vlan)
Code: | Interface eth1.x: IP 192.168.x.1/24
DHCP y : eth1.x on start:100 max:50 Lease time:1440 |
Expected results:
Port 1 (eth4) = vlan1 192.168.1.x
Port 2 (eth3) = vlan10 192.168.10.x
Port 3 (eth2) = vlan20 192.168.20.x
Port 4 (eth1) = vlan30 192.168.30.x
Actual results:
WAIT WHAT? It actually worked this time? How?
I've spent around 6 hours trying over and over again to get this to work and just as I'm about to ask for help, everything just magically works. I have no idea why.
What now:
Currently devices between vlans can communicate with each other. So I just need firewall rules to prevent that right? I also want to restrict access to the router settings to vlan1. I am also yet to connect wan.
Conclusion:
I don't know why it worked this time. I don't know what changed. |
|