Hi,
I have a new TP-Link Archer C7 1750 v2. I already installed and configured the latest OpenWrt firmware. every thing is working as expected except the dynamic vlan assignment. I am using OpenWrt for a couple of years now. Currently I am using a TP-Link-TL-WR1043ND and the dynamic vlan assignment works perfect.
I have a dedicated freeradius server running on a Ubuntu server in my home infrastructure. Wenn I use the Archer C7 and try to connect to either the 5G or 2G network with my user account the authentication with the AD and the assignment of a vlan from freeradius are successful and the respective vlan is being populated from freeradius to the NAS (openwrt), but the switch on the Archer doesn't assign the vlan at all. Bellow are the relevant wireless and network configurations:
wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'pci0000:01/0000:01:00.0'
option htmode 'VHT80'
option country 'DE'
option legacy_rates '1'
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'ap'
option ssid 'OpenWrt5G'
option encryption 'wpa2'
option auth_server '192.168.10.3'
option auth_port '1812'
option auth_secret 'freeradius_secret'
option dynamic_vlan '2'
option vlan_naming '0'
option vlan_tagged_interface 'eth0'
option vlan_bridge 'br-vlan'
config wifi-iface
option device 'radio0'
option mode 'ap'
option ssid 'Guest5G'
option encryption 'psk2'
option key 'guest5_secret'
option network 'vlan20'
config wifi-device 'radio1'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'platform/qca955x_wmac'
option htmode 'HT20'
option disabled '1'
option country 'DE'
option legacy_rates '1'
config wifi-iface 'default_radio1'
option device 'radio1'
option mode 'ap'
option ssid 'OpenWrt2G'
option encryption 'wpa2'
option auth_server '192.168.10.3'
option auth_port '1812'
option auth_secret 'freeradisus_secret'
option dynamic_vlan '2'
option vlan_naming '0'
option vlan_tagged_interface 'eth0'
option vlan_bridge 'br-vlan'
config wifi-iface
option device 'radio1'
option mode 'ap'
option ssid 'Guest2G'
option encryption 'psk2'
option key 'guest2_secret'
option network 'vlan20'
network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd9d:5068:3652::/48'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '1 6t'
option vid '2'
config switch_vlan
option device 'switch0'
option vlan '3'
option vid '10'
option ports '0t 2 3 4 5t 6t'
config switch_vlan
option device 'switch0'
option vlan '4'
option vid '20'
option ports '0t 2t 3t 4t 5 6t'
config interface 'vlan10'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.10.1'
option netmask '255.255.255.0'
option gateway '192.168.10.1'
option broadcast '192.168.10.255'
option _orig_ifname 'eth0.10'
option _orig_bridge 'true'
option ifname 'eth0.10'
config interface 'vlan20'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.20.1'
option netmask '255.255.255.0'
option gateway '192.168.20.1'
option broadcast '192.168.20.255'
option _orig_ifname 'eth0.20'
option _orig_bridge 'true'
option ifname 'eth0.20'
The router has two CPU's, so could it be that the vlan_tagged_interface should be for both interfaces and I have to create the vlans on both of them?
Thanks for the help.