[SOLVED] Netgear Xr-500 help with per port vlan setup

Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware
Author Message
jackmacking
DD-WRT Novice


Joined: 03 Sep 2021
Posts: 1

PostPosted: Fri Sep 03, 2021 7:10    Post subject: [SOLVED] Netgear Xr-500 help with per port vlan setup Reply with quote
Okay, so just a quick warning: I am completely new to dd-wrt, so I have a very limited understanding of how this all works.

    Netgear XR500
    DD-wrt v3.0 r47282

My goal is to create 3 separated vlans:
- vlan10 - 192.168.10.1/24 - port 2
- vlan20 - 192.168.20.1/24 - port 3
- vlan30 - 192.168.30.1/24 - port 4
(later I want to add different wlans to each vlan)

I've been following these guides with little success:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=328057&highlight=xr500
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=313472

Start commands:
Code:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 5t 6"
swconfig dev switch0 vlan 2 set ports "0 5"
swconfig dev switch0 vlan 10 set ports "2 5t 6t"
swconfig dev switch0 vlan 20 set ports "3 5t 6t"
swconfig dev switch0 vlan 30 set ports "4 5t 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
vconfig add eth1 20
vconfig add eth1 30
ifconfig eth1.10 192.168.10.1 netmask 255.255.255.0
ifconfig eth1.20 192.168.20.1 netmask 255.255.255.0
ifconfig eth1.30 192.168.30.1 netmask 255.255.255.0

How I think this works:
Code:
swconfig dev switch0 vlan 10 set ports "2(port) 5t(wan) 6t(cpu?)"

Network Configuration eth1.x: (for each vlan)
Code:
Bridge Assignment: Unbridged
Multicast forwarding: Disable
Masquerade / NAT: Enable
Filter WAN NAT Redirection: Disable
Net Isolation: Enable
Forced DNS Redirection: Disable
IP address: 192.168.x.1/24 (where x is the vlan number)

Multiple DHCP server: (for each vlan)
Code:
Interface eth1.x: IP 192.168.x.1/24
DHCP y : eth1.x on start:100 max:50 Lease time:1440

Expected results:

Port 1 (eth4) = vlan1 192.168.1.x
Port 2 (eth3) = vlan10 192.168.10.x
Port 3 (eth2) = vlan20 192.168.20.x
Port 4 (eth1) = vlan30 192.168.30.x

Actual results:
WAIT WHAT? It actually worked this time? How?
I've spent around 6 hours trying over and over again to get this to work and just as I'm about to ask for help, everything just magically works. I have no idea why.

What now:
Currently devices between vlans can communicate with each other. So I just need firewall rules to prevent that right? I also want to restrict access to the router settings to vlan1. I am also yet to connect wan.

Conclusion:
I don't know why it worked this time. I don't know what changed. Confused
Sponsor
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum