Posted: Sun Dec 13, 2020 1:21 Post subject: Basic question: Cannot access vlan (I've used search:) )
Hi, community, I really need your help Its already 3rd day I'm trying to figure out what I'm missing. I've read Multiple WLANs page, Switched Ports, and even Iptables guide, besides endless forums I'm stumped
---
Router: Linksys ea6500v2, latest dd-wrt r44970 (tried previous versions also).
I'm trying to access the client on vlan3 (lan port #3 on the router) from my PC connected via wifi (wl1). (Before I created virtual AP (wl1.1) and was able to connect (from wl1) to the client on wl1.1. But cannot do the same with vlan) What I have done:
(all the screens are on public google drive here: https://drive.google.com/drive/folders/1YdpUqXp6X69KDq6QIAj9B_9oKwGGtOt8)
1.Setup > Switch Config: Created vlan3 by moving port 2 and 3 to vlan3:
2.Setup > Networking: br0: eth1 eth2 vlan1
Selected vlan3 as Unbridged, assigned IP address & Mask;
Also added DHCPD for vlan3 interface
3.Security > Firewall: disabled SPI Firewall
4.Administration > Commands: executed 'iptables -I FORWARD -j ACCEPT' command and saved it to Firewall
@ this point: I saw the client connected vlan3 at Status > LAN page, but not able to connect using IP provided.
5.Telnet to the router: (by default I had vlan1 & 2, WAN on port4 vlan2, CPU on 5) nvram show | grep vlan.*ports | sort vlan1ports=0 3 5*
vlan2ports=4 5
vlan3ports=1 2 5 nvram show | grep port.*vlans | sort port0vlans=2
port1vlans=1
port2vlans=3
port3vlans=3
port4vlans=1
port5vlans=1 2 3 16 root@ILC-R:~# nvram show | grep vlan.*hwname | sort vlan1hwname=et0
vlan2hwname=et0
vlan3hwname=et0 @ this point: Still not able to connect. I see the cliend on the Status > Lan page (actually 2 times - with ip from router pool and vlan3 dhcp, but both time with vlan3 interface ), but : Destination host unreachable.
Did I missed something?
Is your wlan on the same vlan as your desktop? if not you should not be able to connect to each other. From the screenshots it does not look like that is true.
Is your wlan on the same vlan as your desktop? if not you should not be able to connect to each other. From the screenshots it does not look like that is true.
Desktop is connected via WiFi (wlan1 (in br0) on router, 192.168.13.x). vlan3 I've created is not in the bridge ( and has its own subnet 192.168.88.0/24)
wl1.1 you saw on the screenshot I used to connect from dekktop (wl1(br0)) to wl1.1(unbridged) - and everything was OK. do not judge me, its my first contact with ddwrt )))
No worries, I understand, but one of the purposes of VLANs is to isolate them from other traffic, so you will have to have the desktop on the same VLAN as the wireless.
Part of what you are seeing is what a router does, which is route traffic between different networks, and since DD-WRT knew about both of the networks and had no rules to prevent, it routed across them.