[fixed] AP Settings

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
DHC_DarkShadow
DD-WRT Guru


Joined: 22 Jun 2008
Posts: 2440
Location: Am now Dark_Shadow

PostPosted: Sat Jul 18, 2009 21:08    Post subject: [fixed] AP Settings Reply with quote
I was browsing around the wiki and I noticed that for all the setups (except default) ie.. CB,RB,WB etc...
that since the main router pretty much does everything for the subnet, on the Access Point setup should the firewall be disabled too?

I just noticed it's not in the Wiki for AP.

_________________
The New Me


Last edited by DHC_DarkShadow on Sat Jul 18, 2009 21:41; edited 1 time in total
Sponsor
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Sat Jul 18, 2009 21:14    Post subject: Re: AP Settings Reply with quote
DHC_DarkShadow wrote:
I was browsing around the wiki and I noticed that for all the setups (except default) ie.. CB,RB,WB etc...
that since the main router pretty much does everything for the subnet, on the Access Point setup should the firewall be disabled too?

I just noticed it's not in the Wiki for AP.


Yes.. The FW is disabled. You only need the firewall on the gateway.

I have found that to disable "everything" on the FW you must:

Remove all check marks in "additional filters" & "block wan requests", then click "save".

Then, "disable" the SPI firewall. If you just disable the firewall, the other check boxes are greyed (or is it grayed) out. Even though they are greyed out, if the check mark remains, the check mark is active.

See what I mean?

_________________
[Moderator Deleted] Shocked
DHC_DarkShadow
DD-WRT Guru


Joined: 22 Jun 2008
Posts: 2440
Location: Am now Dark_Shadow

PostPosted: Sat Jul 18, 2009 21:22    Post subject: Reply with quote
Yea I got ya, looks like these are missing from the AP Tut,

# Open the Security -> Firewall tab

* Uncheck all boxes...except Filter Multicast
* save
* Disable SPI firewall
* Save

and


NAT

* Problem: On v24RC4, packets go through NAT in the direction to the gateway.
* Solution: To disable this, go under the Advanced Routing tab in set-up and change the mode to "router" instead of "gateway". Also have routing disabled under the Admin tab.

_________________
The New Me
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Sat Jul 18, 2009 21:28    Post subject: Reply with quote
DHC_DarkShadow wrote:
Yea I got ya, looks like these are missing from the AP Tut,

# Open the Security -> Firewall tab

* Uncheck all boxes...except Filter Multicast
* save
* Disable SPI firewall
* Save

and


NAT

* Problem: On v24RC4, packets go through NAT in the direction to the gateway.
* Solution: To disable this, go under the Advanced Routing tab in set-up and change the mode to "router" instead of "gateway". Also have routing disabled under the Admin tab.


Know the wiki.. Love the wiki... Be the wiki... Fix the wiki...

In regards to the nat stuff... You can only have ONE "gateway" on any network. Everything else must be set to "router" if there is more than one "router" in service. An exception would be if a device is using a different subnet in which it is using it's own dhcp server like repeater or client (not RB or CB). But even with RB or CB, the main router is the internet gateway. Only the internet gateway needs the firewall.

_________________
[Moderator Deleted] Shocked
DHC_DarkShadow
DD-WRT Guru


Joined: 22 Jun 2008
Posts: 2440
Location: Am now Dark_Shadow

PostPosted: Sat Jul 18, 2009 21:41    Post subject: Reply with quote
****Wiki Updated****
_________________
The New Me
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Sat Jul 18, 2009 22:06    Post subject: Reply with quote
DHC_DarkShadow wrote:
****Wiki Updated****


Did you test it to make sure I'm not full of $hit?

I have on my setup but a confirmation would be in order (unless murrkf decides to format his hard drive Razz ) before changing the wiki.

Sorry... I'm not too happy as my Xbox took a $hit last night.. Three (3) red lights. I think they call it the ring of death.

_________________
[Moderator Deleted] Shocked
DHC_DarkShadow
DD-WRT Guru


Joined: 22 Jun 2008
Posts: 2440
Location: Am now Dark_Shadow

PostPosted: Sat Jul 18, 2009 22:12    Post subject: Reply with quote
barryware wrote:


Did you test it to make sure I'm not full of $hit?



Well we all here know your full of $h!T. Laughing


Well be for i changed the wiki I changed the settings on both my AP's and everything seems fine.

Sorry bout the XBox dude. Crying or Very sad

_________________
The New Me
redhawk0
DD-WRT Guru


Joined: 04 Jan 2007
Posts: 11563
Location: Wherever the wind blows- North America

PostPosted: Sat Jul 18, 2009 23:12    Post subject: Reply with quote
yes...barryware is correct...you only need one gateway, and thus...you only need one Firewall running.

good catch...DHC_DarkShadow

redhawk

_________________
The only stupid question....is the unasked one.
DHC_DarkShadow
DD-WRT Guru


Joined: 22 Jun 2008
Posts: 2440
Location: Am now Dark_Shadow

PostPosted: Sun Jul 19, 2009 1:26    Post subject: Reply with quote
Guess that makes me a HO!? Laughing
_________________
The New Me
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Sun Jul 19, 2009 2:21    Post subject: Reply with quote
DHC_DarkShadow wrote:
Guess that makes me a HO!? Laughing


If you wanna be a HO, you can be a HO..

Tally Ho! Razz

_________________
[Moderator Deleted] Shocked
redhawk0
DD-WRT Guru


Joined: 04 Jan 2007
Posts: 11563
Location: Wherever the wind blows- North America

PostPosted: Sun Jul 19, 2009 12:45    Post subject: Reply with quote
DHC_DarkShadow wrote:
Guess that makes me a HO!? Laughing


hehehe...we've been calling you a HO for a long time :lol:

redhawk

_________________
The only stupid question....is the unasked one.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum