Guys, I'm having difficulty to pull this out .
this is my bridge setup:
the LAN 2 is where my openwrt is getting the LAN (UPLINK) from OPNsense pc, it was working as expected without vlan, but i want to add a vlan to it to separate my iot devices in a separated wireless (phy0-ap0) (vlan 20 is just for that phy0-ap0)
one of my doubts is if i set vlan ID 1 correctly, because i dont have vlan 1, but if i dont create it , my regular devices would stay without internet
so after setting the bridge and created a interface VLAN20 in openwrt , i was able to connect a wireless device to it , it receives the lease dhcp from OPNsense BUT somehow it dosnt receive internet and neither it or openwrt can ping 192.168.20.1 (my gateway on vlan 20 interface )
Here is my configs:
Network:
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd1b:403f:14f5::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
list ports 'phy0-ap0'
list ports 'phy1-ap0'
config interface 'lan'
option device 'br-lan.1'
option proto 'static'
option ipaddr '192.168.1.2'
option netmask '255.255.255.0'
option ip6assign '60'
option gateway '192.168.1.1'
list dns '192.168.1.1'
config device
option name 'phy1-ap0'
config bridge-vlan
option device 'br-lan'
option vlan '1'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
list ports 'phy1-ap0'
config bridge-vlan
option device 'br-lan'
option vlan '20'
list ports 'lan2:t'
list ports 'phy0-ap0'
config interface 'VLAN20'
option proto 'static'
option device 'br-lan.20'
option ipaddr '192.168.20.2'
option netmask '255.255.255.0'
option gateway '192.168.20.1'
list dns '192.168.20.1'
Firewall:
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
config zone
option name 'VLAN20'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'VLAN20'
would like to know if from openwrt point of view is everything correct , for then look to opnsense forum to see if i made a mistake in the opnsense configs