You reported "I cannot get an IP from the router (br1)." If you need the R7800 to provide DHCP to clients on VLAN10, you may need to go to Setup -> Networking -> Multiple DHCP Servers and add DHCP to br1.
I updated my R7800 to the latest build: DD-WRT v3.0-r49567 std (07/27/22).
I did not do a reset because I don't have enough time to reconfigure the router from zero.
I configured the ports as trunk:
Code:
swconfig dev switch0 vlan 1 set ports "2t 3t 4 6"
swconfig dev switch0 vlan 10 set ports "1 2t 3t 6t"
I'm trying to use vlan1 (private network) and vlan2 (iot network) on ports 2 and 3.
These ports are connected to two APs (one Mikrotik and one Unifi).
The two AP generate two WiFi SSID each:
* Home WiFi (VLAN1)
* IoT (VLAN10)
I already use the two VLANs, but until now they were not tagged.
Code:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2t 3t 4 6"
swconfig dev switch0 vlan 10 set ports "1 2t 3t 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
brctl addif br1 eth1.10
ifconfig eth1.10 up
#Restrict br2 from accessing the router's local sockets (software running on the router)
#iptables -I INPUT -i br2 -m state --state NEW -j DROP
##########################
#### VPN RULES ####
# NAT the traffic from the VPN out onto the internet via the WAN interface.
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE
# Prevent 192.168.2.248/30 from reaching the internet directly (so no connection if VPN down)
iptables -I FORWARD -s 192.168.2.248/30 -o $(get_wanface) -m state --state NEW -j REJECT
# Prevent 192.168.10.8 from reaching the internet directly (so no connection if VPN down)
iptables -I FORWARD -s 192.168.10.8 -o $(get_wanface) -m state --state NEW -j REJECT
###################
The switch configuration is placed into the startup commands.
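
Added example, not part of the original posts: a shell check that parses the `swconfig ... vlan N set ports "..."` lines from the startup commands, lists which ports carry more than one VLAN, and reports any port that is untagged in more than one VLAN (on such a port, frames of both the private and the IoT VLAN would leave untagged). The function names and the `SAMPLE` variable are made up for this illustration; the sample is the two membership lines quoted above.

```shell
#!/bin/sh
# Constructed sample: the two VLAN membership lines from the post.
SAMPLE='swconfig dev switch0 vlan 1 set ports "2t 3t 4 6"
swconfig dev switch0 vlan 10 set ports "1 2t 3t 6t"'

# port_map CONFIG -> one line per membership: "<port> <vlan> tagged|untagged"
port_map() {
  printf '%s\n' "$1" | awk '
    $1 == "swconfig" && $4 == "vlan" && $6 == "set" && $7 == "ports" {
      vlan = $5
      line = $0
      # keep only the text between the double quotes
      sub(/^[^"]*"/, "", line); sub(/".*$/, "", line)
      n = split(line, p, " ")
      for (i = 1; i <= n; i++) {
        mode = "untagged"
        # a trailing "t" marks the port as tagged in this VLAN
        if (p[i] ~ /t$/) { mode = "tagged"; sub(/t$/, "", p[i]) }
        print p[i], vlan, mode
      }
    }'
}

# untagged_conflicts CONFIG -> ports that are untagged in more than one VLAN
untagged_conflicts() {
  port_map "$1" | awk '
    $3 == "untagged" { c[$1]++; v[$1] = v[$1] " " $2 }
    END { for (p in c) if (c[p] > 1) print "port " p " untagged in VLANs:" v[p] }' | sort
}

# trunk_ports CONFIG -> space-separated ports that are members of several VLANs
trunk_ports() {
  port_map "$1" | awk '{ c[$1]++ } END { for (p in c) if (c[p] > 1) print p }' |
    sort -n | tr '\n' ' ' | sed 's/ $//'
}

echo "ports carrying more than one VLAN: $(trunk_ports "$SAMPLE")"
conflicts=$(untagged_conflicts "$SAMPLE")
echo "untagged conflicts: ${conflicts:-none}"
```

To check the real configuration, pass the text of the startup commands to the functions instead of `SAMPLE`.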