Help needed in setting up OpenWRT on netgear WAX206 as dumb AP with PFSENSE

Hi
I'm hoping someone can help. I have a multivlan setup here running from a PFsense router. I recently inherrited a Netgear WAX206 and have been trying to set up openwrt on it in order for it to be a dumb Access Point.

I've followed the User guide on setting a DAP and the follow up one on setting up an additional access point.

What I'm trying to do is:
Set up a lan-bridge with the 4 1Gbe lan ports and the 2.5Gbe WAN port (this is because most of my network is 10 and 2.5GBe). Using the WAN Port to connect to my switch works and the appropriate VLAN tags are set on the port.

In PFSense I have the normal (Secure) network set up in the 192.168.100.1/24 and already have separate VLANS with DHCP Server and DNS for each as follows:

VLAN Network Names Gateway
101 Home 192.168.101.1
102 VPN 192.168.102.1
103 IOT/BTHUB 192.168.103.1
104 Guest 192.168.104.1

I've created VLAN interfaces devices and interfaces against the lan-bridge in OpenWRT and when set to DHCP they all recieve IP addresses from the PFSense router. So i've now set them to static.

I can create a Wireless Access Point (SSID) for Secure (Not VLAN based but uses untagged VLAN1 within PFSense) linked to the bridge and it picks up an IP Address from PFSense and works fine and devices connected to iut Wirelessly work OK to but the other Wireless interfaces within OpenWRT fail to get assign IP Addresses to connected devices.

Hopefully this makes sense. Any advise or guidance greatly appreciated.

/etc/config/network is as follows:

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd9f:c50b:6d57::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'wan'
        option bridge_empty '1'
        option ipv6 '0'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.100.7'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.100.1'
        list dns '192.168.100.1'

config device
        option type '8021q'
        option ifname 'br-lan'
        option vid '101'
        option name 'br-lan.101'

config interface 'vlan101'
        option proto 'static'
        option device 'br-lan.101'
        option ipaddr '192.168.101.2'
        option netmask '255.255.255.0'
        option gateway '192.168.101.1'
        list dns '192.168.101.1'

config device
        option type '8021q'
        option ifname 'br-lan'
        option vid '102'
        option name 'br-lan.102'
        option ipv6 '0'

config device
        option type '8021q'
        option ifname 'br-lan'
        option vid '103'
        option name 'br-lan.103'
        option ipv6 '0'

config device
        option type '8021q'
        option ifname 'br-lan'
        option vid '104'
        option name 'br-lan.104'
        option ipv6 '0'

config interface 'vlan102'
        option proto 'static'
        option device 'br-lan.102'
        option ipaddr '192.168.102.2'
        option netmask '255.255.255.0'
        option gateway '192.168.102.1'
        list dns '192.168.102.1'

config interface 'vlan103'
        option proto 'static'
        option device 'br-lan.103'
        option ipaddr '192.168.103.2'
        option netmask '255.255.255.0'
        option gateway '192.168.103.1'
        list dns '192.168.103.1'

config interface 'vlan104'
        option proto 'static'
        option device 'br-lan.104'
        option ipaddr '192.168.104.2'
        option netmask '255.255.255.0'
        option gateway '192.168.104.1'
        list dns '192.168.104.1' ```

/etc/config/wireless is as follows:

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'platform/18000000.wmac'
        option channel '1'
        option band '2g'
        option htmode 'HT20'
        option cell_density '0'

config wifi-device 'radio1'
        option type 'mac80211'
        option path '1a143000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
        option channel '36'
        option band '5g'
        option htmode 'HE80'
        option cell_density '0'

config wifi-iface 'wifinet0'
        option device 'radio1'
        option mode 'ap'
        option ssid 'Test_Secure'
        option encryption 'none'
        option network 'lan'

config wifi-iface 'wifinet1'
        option device 'radio0'
        option mode 'ap'
        option ssid 'test_BTHUB6-QPZR'
        option encryption 'none'
        option network 'vlan103'

config wifi-iface 'wifinet2'
        option device 'radio0'
        option mode 'ap'
        option ssid 'test_IOT'
        option encryption 'none'
        option network 'vlan103'

config wifi-iface 'wifinet3'
        option device 'radio1'
        option mode 'ap'
        option ssid 'test_VPN'
        option encryption 'none'
        option network 'vlan102'

config wifi-iface 'wifinet5'
        option device 'radio1'
        option mode 'ap'
        option ssid 'test_Home'
        option encryption 'none'
        option network 'vlan101'

config wifi-iface 'wifinet6'
        option device 'radio1'
        option mode 'ap'
        option ssid 'test_Guest'
        option encryption 'none'
        option network 'vlan104' ```

Solved it!

Followed this You Tube guide: Using VLAN's with OpenWRT and pfSense to build a secure network for family and home working - Part 4 (youtube.com)

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.