Hi
I am very new to openwrt and vlans. I have a netgear router running openwrt that I would like to run as a AP only on a vlan of 50. My current setup consists of a pfsense router configured with two vlans one being vlan 50 for the guest AP I am trying to setup. Which ports would I tag/untag on the openwrt router to communicate with my pfsense router running a vlan 50 with a DHCP srver configured on that vlan.
Thanks
Ron
running vlan 50.......
-on a port?
-that is tagged/untagged?
-that is a trunk?
-ip routing on this vlan will work like XYZ?
a vlan needs to be viewed from several perspectives.... to fully understand it.
Which specific device? Depending on the device, the interfaces involved and the switch configuration may need to be different from the most common ones.
Here is my config. Which I can change to whatever is need to make this run if possible.
At the top pfsense router. Confgured for vlan 1 and vlan 50(Guest Wifi) There is a dhcp server running on both vlans.
The pfsense router is connected to a zyxel managed switch through the lan port on the pfsense router.
Currently I have one Asus Router running in AP mode which is connected to the Zyxel switch which works fine and is running on the 192.168.1.1 subnet.
I would now like to add the Netgear WNDR3700V4 running openwrt as a guest AP running on VLAN 50. I have preconfigured the settings on the pfsense router to support the vlan 50 and enabled the DHCP server on that VLAN.
So there there is a single port.... which is tagging both vlans?
The managed switch has been setup with this port in trunk mode?
Were you adding the openwrt/WNDR to the switch on a trunking port too... i take it this is so, if you have added VLAN50 on it....?
That is a good start..... Have you tested the non wrt side of this setup? Confident the managed switch is behaving?
Currently I have one Asus Router running in AP mode which is connected to the Zyxel switch which works fine and is running on the 192.168.1.1 subnet.
This tells me not much.... it is a non-vlan non-routed connection ( a lan bridge )? Or is it, on vlan1 and tagged at the switch assuming the pfsense in trunked to the switch?
I have one port configured (port 1) on the zyxel switch for vlan 50. I have this port tagged as valn 50 this is the port the openwrt AP is plugged into.
All the rest of the ports are default which is vlan 1.
The pfsense router is plugged into port 24 on the zyxel switch with trunking enabled.
I see .... if the switch is set to 50@WNDRport..... this assume that means "UNTAGGED"
In which case.... all the config is on the pfsense box... nothing special needs to be done at a VLAN level in openwrt.
Basically you have to choose between isolating the WNDR at the switch with only vlan 50... ever... ( UNTAGGED PORT )
or
Isolating the WNDR at the switch via restricting it's trunk / tagged traffic. ( TAGGED but just 50 allowed )
or
Making it a full trunk in which case almost all the isolating in done one the WNDR.
The problem is switches vary in their terms and options.... and it is possible that "50" could mean tagged..... ( restricted trunk ). In which case from the WNDR end the config is as if it were a trunk anyway.