Hi,
Is there something that prevents dhcp traffic in LAN firewall zone?
If yes how can I allow it?
Did you change the default LAN firewall input rule to DROP or REJECT?
Nope. That stupid thing will cut me from the unit entierly. Wont prevent dhcp traffic specificaly.
Ports 67 & 68?
What stupid thing...the firewall???
It sounds like you're editing the firewall. What happens after a reset to default, do you get an IP on LAN?
What device do you have?
Nope. Stupid thing is seting drop/reject on input chain.
It sounds are trying to build strowman again. I dont think that adding few vlan interfaces in LAN zone is so far from deafault setings.And it is not editing of firewall in any way.
Irelevant to the topic question but tl-mr3020 and tl-mr3220v2.
I would cindly ask you to bypass my activity in this forum. I don't see how you are helpfull to me. I have a suspision that i'm not the only victim of your writings. Thank you in advance.
You again...no problem. I'm glad to avoid you...I didn't realize your username. Now I understand why DHCP isn't working and how you're locking yourself out of your router.
Best of luck in finding your solution.
I also guess that means you didn't reset the router...since DHCP should work by default.
What did you do before it stopped working? By default settings it works.
1 Like
Made 3 vlan interfaces. DHCP clients. Made LAN interface DHCP client too. For some reasons none of them is geting IP address. I'm geting access to devices trough ipv6 link local address or usb ttl.
On second touth I'm not seeing the link local address of the DHCP server but I see link local addresses of AP. So probably the problem is in it.
Ok, how you created these vlan? You created the VLAN first from the switch page? What did you set in the table in that page? (or can you post the settings file if you did this over serial or SSH)
Then you should have created the interface from the Interface page and in Physical settings tab you should have selected for example VLAN eth0.3 (which means the VLAN number 3 created on the device eth0, the name you see on the CPU column in the Switch page, it's usually eth0 on most devices)
See how LAN and WAN interfaces are set up with VLANs.
Nope that was a glich. After restarting network service on dhcp server all link local addresses are visible.
root@mr3020:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd16:52b0:4c6d::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option _orig_ifname 'eth0 wlan0'
option _orig_bridge 'true'
option proto 'dhcp'
config interface 'suwifi'
option proto 'dhcp'
option ifname 'eth0.500'
option defaultroute '0'
option peerdns '0'
option macaddr 'C2:4A:00:8D:A6:F2'
option type 'bridge'
config interface 'eduroam'
option proto 'dhcp'
option ifname 'eth0.501'
option defaultroute '0'
option peerdns '0'
option type 'bridge'
option macaddr 'C2:4A:00:8D:A6:F1'
config interface 'wifiadmin'
option proto 'dhcp'
option ifname 'eth0.704'
option defaultroute '0'
option peerdns '0'
option macaddr 'C2:4A:00:8D:A6:F3'
option type 'bridge'
root@mr3020:~# cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11g'
option path 'platform/ar933x_wmac'
option country 'BG'
option channel 'auto'
option htmode 'HT40'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option key
option ssid 'LAN'
option encryption 'none'
config wifi-iface
option device 'radio0'
option mode 'ap'
option encryption 'none'
option ssid 'eduroam'
option network 'eduroam'
config wifi-iface
option device 'radio0'
option mode 'ap'
option encryption 'none'
option ssid 'SU-WiFi'
option network 'suwifi'
config wifi-iface
option device 'radio0'
option mode 'ap'
option encryption 'none'
option ssid 'wifiadmin'
option network 'wifiadmin'