Joined: 15 Aug 2016 Posts: 290 Location: Melbourne, Australia
Posted: Mon Jun 23, 2025 4:52 Post subject: Configure VLANS on XR500 using new GUI under Networking Tab
Subsequent reinstating of Switch Config tab from r61848 (06/24/25) renders the following steps dormant.
________________________________________________________________________________________________
The following steps detail how to set up VLANs in later DDWRT versions where [Switch Config] Tab is no longer available. (Tested under version r61745).
Examples: setting up Two VLANs. 1 wired, 2 vAPs (wlan0.2 and wlan1.2). The two VLANs will subsequently be placed on bridge.
Note: Reference to 'wait 1 min' or '2 mins' is an approximation. The surest way is VISUALLY checking that i) some light indicators will go off first; ii) then all corresponding light indicators are lit up again. It's indicative that the router is back into a READY state, after the change.
In steps:
1. First, ensure XR500 works in DDWRT with wifi (wlan0 & wlan1 for fallback connection, if necessary). Note: No CLI at all for VLAN in [Startup].
2. Create 2 vAPs: wlan0.2 and wlan1.2 (wlan0.1 & wlan1.1 are already utilized for other purposes).
-Options chosen: AP Isolation (enable), Web UI Access (disable), Network configuration (Unbridged) & Net Isolation (disable) - Leave IP address blank. Not needed. Save&Apply (S&A)
3. Set up security and password for each vAP created @2. S&A. Wait 1 min.
4. Under [Setup|Networking], at VLAN Tagging:
4.a - Set VLAN ID 10 for etherport, say, 4
Set Tagging VLAN20 for each wlan0.2 and wlan1.2. S&A. Wait 1 min.
4.b - Create bridges for VLAN10 & VLAN 20. S&A. Wait 2 mins. (Not sure about options under the 'Settings' column here for now).
5. Assign to corresponding bridge created above VLAN10, wlan02 & wlan1.2. S&A - Wait 2 mins - Do ANOTHER s/w reboot via [Administration|Reboot Router]
6. Verification: Check to see each VLAN component appears under the [Current Bridge Table] as you would expect. This step indicates that all steps above are completely captured by XR500!
7. Roll down the page to enter relevant details for br10 & br20, including subnets. S&A. Wait 2 mins.
8. Finally, enter details at the bottom page for DHCP for each bridge. S&A. Wait 2 mins.
9. Then do another s/w reboot [Administration|Reboot Router]
Both VLANs should now be working on XR500 as expected.
(P.S. This write-up is my appreciation of the excellent features of DDWRT by BS and devs). Cheers. _________________ Life is a journey; travel alone makes it less enjoyable and lonely.
___________________________________________________
2x Netgear R9000 & 2x XR700 Features:
- Gateway
- Overclocked -2000MHz
- SmartDNS, DDNS
- Both 5GHz & 2.4GHz using DDWRT (not Vanilla component)
- Private Home network on default br0 bridge together with vlan1 + wlan0 & 1
- Isolated port-based VLANS, placed on bridges + vAPs (wlan0.1 & 1.1) for guests & IoT devs)
- WireGuard Server for secure on-the-road access & remote control of devices @home
- OpenVPN Client for incognito & o/seas based programs
- 10G SFP+ connected to RB5009 (via optical fiber)
- QoS - HFSC/FQ_CODEL deployed on ISP's 500/50mbps connection
Last edited by DWCruiser on Tue Jul 08, 2025 22:33; edited 1 time in total
I am struggling to make it work for 2 vlans setup on R7800
VLAN1: lan 1, lan2, lan3, lan4, 5ghz AP
VLAN2: lan 4, 2.4ghz AP
LAN4 is tagged (VLAN1 and VLAN3), There was CPU port (eth1 maybe?) was also tagged VLAN1 + VLAN3.
Can you post a screenshot of how you'd do it? Mine create lan1.1,.... lan4.1, and lan 4.3 instead of creating VLAN1 and VLAN3 that I can then assign to bridges.
Screenshot_6.png
Description:
Old configuration that works
Filesize:
25.84 KB
Viewed:
20826 Time(s)
Last edited by zdsf on Tue Jul 08, 2025 20:57; edited 1 time in total
I am struggling to make it work for 2 vlans setup on R7800
VLAN1: lan 1, lan2, lan3, lan4, 5ghz AP
VLAN2: lan 4, 2.4ghz AP
LAN4 is tagged (VLAN1 and VLAN3), There was CPU port (eth1 maybe?) was also tagged VLAN1 + VLAN3.
Can you post a screenshot of how you'd do it? Mine create lan1.1,.... lan4.1, and lan 4.3 instead of creating VLAN1 and VLAN3 that I can then assign to bridges.
Can you post a screenshot of your setup with the DSA build. Unless you have a specific use for tagged vlan1 on the trunk, you can probably do away with that, but that is a hot topic in itself (usually completely safe for home use but maybe risky in corporate networks). Note you do not need to use VLAN Filtering to use VLANs on DD-WRT. It can 100% completely be done with VLAN Tagging along with a bridge for each vlan.
The old Switch Config tab REQUIRED you to have a tagged VLAN1 on the Trunk port just to have access to the router. The DSA method does not require it. _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
Thanks guys for shedding more light on this. So what's the consensus, should I replicate the openwrt config with vlan filtering or do we try to do tagging as well?
I am inclined to stay on this build (r60586 std (04/04/25)) till the DSA is sorted out since this is the main router in my home and cant change anything till the kids are away. Fixing a typo i made in the original post:
Port 4 goes to a smart switch that sorts out the vlans. If it can be done with swconfig, then I don't mind waiting on ho1Aetoo's great how to posts for the DSA. Thank you everyone.
