Joined: 08 May 2018 Posts: 14210 Location: Texas, USA
Posted: Sat May 28, 2022 17:13 Post subject:
If you are creating VAP(s) first, then it probably won't work as expected. I believe you have to create the bridge (br1) first. Screenshots of your wifi settings might help us point you in the right direction. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Sun May 29, 2022 8:04 Post subject:
Not really, thats what Net/AP isolation is for and separate subnet(s) created in the networking tab for this purpose under Multiple DHCP Server See below.
See this reply -> https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1260059#1260059 which documents one example for 5ghz with screenshots to aid the setup, both radios are exact same setup, with exception of the SSID which indicates which is 2.4 or which is 5ghz. See there on screenshots there is an extra subnet for the VAP I initially setup for the purpose of documenting it.
This is documented on the wiki (link to wiki on post above) and Ive done it for both 2.4 and 5ghz, so if it works for me, there are no valid reasons it shouldn't work for anyone else.
Works 100%, no extra bridges needed, both have internet access and both are ap/net isolated, anything connected to those vaps is 100% isolated from regular LAN and each other. I dont even add extra firewall rules, the interface does it all as per screenshots.
Sure you can go the long way around and possibly start creating issues, as documented in various topics everyone who wants extra br1 setups for VAPS find issues with authentication and others like the OP, and the way I setup works first time and always.
But whatever, Im simply trying to offer a simple way that works without creating any issues. feel free anyone to bang heads and fight with DD-WRT.
So I tested it on the R7800 (atheros).
The VAPs are bridged via br1 and it seems to work so far...
The only strange thing is that I have access to the router (192.168.1.1) but not to the other devices in the subnet.
Otherwise everything seems to work.
And somehow there seem to be different problems on the different platforms (what works for Atheros doesn't necessarily apply to Broadcom etc).
Or maybe it's router specific - no idea
The attached picture shows the ping from the VAP (192.168.2.1 subnet)