Vlan Issues on Linksys WRT3200ACM

Post new topic   Reply to topic    DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Author Message
sue
DD-WRT Novice


Joined: 07 Apr 2021
Posts: 15

PostPosted: Tue Jan 31, 2023 13:31    Post subject: Vlan Issues on Linksys WRT3200ACM Reply with quote
Please help, i have issues trying to set up a seperate Vlan with subnet for IOT devices on a Linksys WRT3200ACM running OpenVPN.
-----------------------------------
I know not much yet im trying to isolate my normal everyday PC network from any/all IOT devices so i thought to set up a VLAN, i watched many YT videos yet my switch config doesnt look same as YT videos as i have Port 4 showing as (100) in yellow yet the other 3 ports show as red (down) and it seems to show that i have 2 vlans already being; 1 and 2 with nothing showing on vlan 0 for some reason.
I dont understand what im looking at fully on this switch config page.
---------------------------------------------------------
I have tried firstly to change port 4 to vlan 3 then i save then apply then go to Network to create a bridge yet the router seems to always crash and i have to reset the whole router each time.
------------------------------------------------------------
Please note that i dont have nor want any SSID Broadcasting at all as i only want and use Ethernet cables, even for my IOT devices so i always keep all wifi turned off.
Confused

_________________
Thanks, Sue
Sponsor
foz111
DD-WRT Guru


Joined: 01 Oct 2017
Posts: 704
Location: Earth

PostPosted: Wed Feb 01, 2023 9:06    Post subject: Reply with quote
Hi Sue

Vlan configuration is different per device/chipset, this wrt3200acm Vlan config thread will help below:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=317199

As far as i am aware the swconfig in GUI can only be used on Broadcom devices, wrt3200acm uses a startup script, please read above linked thread to the end.

_________________
Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.

No one can build you the bridge on which you, and only you, must cross the river of life!
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1444
Location: Appalachian mountains, USA

PostPosted: Wed Feb 01, 2023 22:54    Post subject: Reply with quote
Also, just re terminology, VLANs refer (in the context of that linked thread), to separating the ethernet ports on the back of the router into separate groups, ones you can keep isolated from each other if you like or otherwise treat differently.

I had similar goals to yours re separating the safe devices (carefully maintained computers and phones) from the unsafe devices (IoT, printers, etc) on my network, and my first stop in getting there was VAPs, virtual access points, which splits the router's wifi world into separate subnets with different SSIDs. Its a simpler business than dealing with VLANs. There's a classic post, getting old now, with a topic something like "guest networks and abuse control for beginners" that I used without a lot of trouble. Much more recently but probably a couple of years ago now I posted in someone's thread an updated mini-how-to on the topic that dealt explicitly as well with setting one of the SSIDs up to go through the OpenVPN client. See the last link in my signature. Anyway, that latter OpenVPN idea is called PBR or policy-based routing. More on that in the OpenVPN Client guide in @egc's sticky post at the top of the Advanced Networking forum.

Happy searching and reading and, especially, gloriously successful hacking...

_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
sue
DD-WRT Novice


Joined: 07 Apr 2021
Posts: 15

PostPosted: Mon Feb 06, 2023 12:13    Post subject: Reply with quote
foz111 wrote:
the swconfig in GUI can only be used on Broadcom devices, wrt3200acm uses a startup script, please read above linked thread to the end.


Thank you very much for your kind reply, you have saved me time in keep trying to swconfig in GUI of which im most great-full for, i further read the url and my brain almost exploded, im a newbie you see.

is there a laymans terms layout or an idiots guide showing the methodical way of adding a IOT Vlan and subnet as i dont seem to be able to find any such thing at my end do you know?
Thanx

_________________
Thanks, Sue
sue
DD-WRT Novice


Joined: 07 Apr 2021
Posts: 15

PostPosted: Mon Feb 06, 2023 12:23    Post subject: Reply with quote
[quote="SurprisedItWorks"] my first stop in getting there was VAPs, virtual access points, which splits the router's wifi world into separate subnets with different SSIDs.

Thank you for your reply which was most generous, yet i fail to see the correlation between my question detailing No SSID Broadcast and your reply detailing how to set up a VAPoint with a SSID Broadcasting.

Just to clarify my prior post, i dont have any wifi, i.e. SSID broadcast at all and i dont ever want any WIFI SSID Broadcast.

My objective is to set up a VLAN on 1 of the Ethernet ports at the back of the router as you stated, splitting 1 port from the other 3 ports (sand-boxing off a port if you will)

I hope this helps, thanx

_________________
Thanks, Sue
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1444
Location: Appalachian mountains, USA

PostPosted: Mon Feb 06, 2023 13:32    Post subject: Reply with quote
Apologies, Sue. You are so right, I totally missed your original post's last paragraph! Perhaps some other reader will find it useful then.
_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
seedsca
DD-WRT Novice


Joined: 01 Sep 2023
Posts: 8

PostPosted: Sun Sep 17, 2023 5:23    Post subject: Reply with quote
Hi Sue, I just set a very similar configuration. This post by ho1Aetoo was exactly what I needed. I used the fifth post on the thread, titled "Simple LAN side port VLAN"
https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1283408

For you, as for me, you can skip any reference to the wlan0.1

One thing I was doing wrong here was not matching the IP and VLAN numbers. So vlan3 needs to have the IP of 192.168.3.1/24 under the br1 bridge.

Hope that helps you.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum