What seems to be the default vlan config as no changes made is:
ports 1-4 (yellow) and two wireless devices bridged and on vlan 1 , DHCP gives out 192.168.1.x
port 5 (red) on vlan 2, no DHCP it seems as plugging something in does not issue address
Is it possible to put one of those simple repeater* devices (or other old wireless router) that has on it one ethernet port to connect to [main] router - set in access point mode and using a different ip address scheme eg. 192.168.2.x - on the port 5 and let it have access to the internet ?
*in access point mode it it doesn't seem to issue nameservers ... so it may not be possible but there is another old netgear wireless router to be used if better.
The use case: to have this separate wireless ap for a guest wireless network (using different addressing) with internet access via main router only , but isolated from everything else on the main router.
As will be obvious, this is from me as a networking newbie and upfront, I am sorry for any incorrect terms used etc and frustrated at my lack of knowledge in having to come here so soon. I have read and read, but what I think is needed is for some kind person to explain what to set up or check is set up (devices, vlan, interfaces, firewall using luci or uci or direct editing of config) to achieve the use case and then I can go away to do it and understand it as I do it ... i.e. to provide a setup suggestion and component parts to work with. If there is a better way, please advise too.
Regards and thank you. I'm dubious the above is well written or clear enough ... but here goes
Habs
This would be expected as that port is typically an upstream (WAN) connection -- DHCP client by default -- and not part of your LAN.
I assume this device is running OpenWrt? If so, please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
Since I posted I have 'achieved' some success in getting a setup working.
The AP is configured to 192.168.10.254 with 'gateway' set to 192.168.10.1 and DHCP dishing out 192.168.10.100 - ..200 addresses netmask 255.255.255.0.
The port 5 on the HH5a (red - wan) in the Luci 'switch' details is shown as 'untagged' on vlan 2 (linked to device eth0.2 it seems) and o'ff' on vlan 1.
I jumped in and created an interface 'GLAN' linked to the eth0.2 device with static address of 192.168.10.1 (the address set as gateway on AP). Additionally created GLAN firewall zone with settings accept and 'forwarding' to the WAN zone (internet on the HH5 using device dsl0.101 ..another vlan listed as it seems which is to the ISP over PPOE etc) ... essentially it is just same as for the main LAN zone settings.
Then, connected a CAT5 lead from the AP single eth port to the Port 5 (red) on the HH5A and all seemed to work.
From the main LAN it is possible to ping the 192.168.10.1 (port 5 red) but nothing else inside that vlan 2.
From any client connected to the AP (in VLAN2) it is possible to get to the internet but nothing on the main LAN.
It seems to work ... but I have a lot to learn (inc. if it is secure!) and to think about. It seems fine for now, but will study it a bit more.
When I've digested I will come back and post the config requested for a critique. If there is something glaringly 'wrong' with the above (its a jumble of words and a diag would be better guess) then let me know ... otherwise, I will be back (gulp).
A diagram of your network as well as a description of the actual intent/end-goals will be useful to supplement your config files. Also, the capabilities of your AP are relevant, too -- i.e. is it a VLAN aware (which depends on the hardware and the firmware that is installed) -- so providing info about that device would be good.
The relevant files on your HH5a are shown below (wireless is only relevant if the HH5a is also going to be handling multiple networks on wifi):
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
In general, the red WAN port on the bthub5 is 'just another port on the switch' - it can be configured any way you want (the default is for it is to be off, in favour of the integrated xDSL modem taking the WAN capacity). Check https://openwrt.ebilan.co.uk/viewtopic.php?f=7&t=266 for a verbose walkthrough for your device.
Other than that -and after you've read the guide above, please follow psherman's advice of both outlining your desired outcome (diagram of the desired network topology) and your current configurations, as I have to admit that it isn't quite clear to me what you're trying to accomplish exactly (and the details matter).
following up - the above is 'working' but not as it should - issues with DNS etc and the fact that the cheap AP being used has limited configurability (if that is a word). Therefore I am closing this so to speak and going to reconsider and read further a bit more - I need to learn some. Cheers to everyone who reads this.