unable to get VLAN to go to the internet

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
Cr0t
DD-WRT Novice


Joined: 04 Mar 2010
Posts: 11
Location: USA
PostPosted: Mon Mar 11, 2013 20:14    Post subject: unable to get VLAN to go to the internet Reply with quote
My Linksys WRT310N v2 has Firmware: DD-WRT v24-sp2 (02/11/13) vpn-small installed. Everything is running great, but I am having issues with my vlan port. DCHP on it works just fine, but that vlan is not able to reach the internet. I have tried multiple different setups, but I am never able to get that port to reach the internet.

VLAN1, which consist of ports 1,2 and 3 can reach the internet would any issues.
VLAN2 is the W port for my cable modem.
VLAN3 is the new VLAN port on port 4.

VLAN1 is using address range 192.168.0.1 / 255.255.255.240
VLAN3 is using address range 192.168.1.1 / 255.255.255.224

The subnets are different for a reason. This is NOT a typo!

Next i setup two bridges. br0 is using vlan1 and br1 is using vlan3 with STP set to off.

My firewall script is saved under the firewall rules.
Code:
iptables -I FORWARD -i br0 -o vlan2 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -i br0 -o br1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j logdrop
iptables -I FORWARD -i br1 -o br0 -m state --state RELATED,ESTABLISHED ACCEPT
iptables -I FORWARD -i br0 -o vlan3 -j logdrop



I included screenshots:
http://s21.postimage.org/t9pbu5mef/image.png
http://s21.postimage.org/li8lvli93/image.png
http://s21.postimage.org/uras5pr53/image.png
http://s21.postimage.org/xmnvckv53/image.png
http://s21.postimage.org/5b2bfjb8n/image.png
http://s21.postimage.org/5p88svkpz/image.png
http://s21.postimage.org/hfm6a9dif/image.png
Back to top View user's profile Send private message
Sponsor
Cr0t
DD-WRT Novice


Joined: 04 Mar 2010
Posts: 11
Location: USA
PostPosted: Mon Mar 11, 2013 21:25    Post subject: Reply with quote
argh fixed it via...
Code:
iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr`
iptables -I FORWARD -i br0 -o vlan2 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -i br0 -o br1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j logdrop
iptables -I FORWARD -i br1 -o br0 -m state --state RELATED,ESTABLISHED ACCEPT
iptables -I FORWARD -i br0 -o vlan3 -j logdrop

_________________
cya
    ©®0t
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum