First, I'd like to thank the developers for creating this. My router, which I thought was dead, came alive again after installing OpenWRT. I tried DD-WRT but the WiFi did not seem to work properly. I tried tomato before too but it did not seem to work. Finally I tried OpenWRT which seems to be sort of working.
Here is what I would like to do. I want to separate my IoT devices from my secure devices.
I also have TP-Link OnHub which I want to connect to the WRT3200 via Ethernet and have all wireless connections to the OnHub router be IoT.
All wired ethernet will also be considered IoT (PS4, Plex, etc). Maybe one ethernet will be non-IoT.
WiFi to be secure only for devices (phones and laptops)
I have been reading up on setting up VLAN but it is massively confusing. I think what I want to do is basically put all some of the LAN ports on a VLAN. The OnHub will be purely Bridge mode instead of standard NAT mode. Then I have to setup firewall settings for the VLAN of IoT and my secure WiFi network. I also know I have to enable some ports so that my secure devices can use Chromecast and talk to the IoT devices.
Need a few pointers on where to start with this. I tried googling but there aren't many topics for OpenWRT and VLAN setup. Most of it seems to be Custom code instead of using LUCI interface.
Thank you for reading!
Any inputs greatly appreciated.
Have a great day
Alright. So I setup a VLAN for my IoT devices but WiFi 5ghz is taking a hit. I did not separate out the SSID (which may resolve this issue) but I noticed that the 5ghz is acting up. My phone drops from the IoT WiFi sometimes.
For those of you who are in the Google garden, you need your phone on the same WiFi. It could be configured to allow port/forwarding etc betweeen VLANs but that is way over my head and I don't have a lot of time to mess around with it. To make it simpler, I have everything that is supposed to be safe on a separate VLAN (laptops, work laptop, etc) and all the IoT stuff on a separate one (with my personal phone). I tried port forwarding but the phone needs a way to communicate with Google home objects so it didn't work. Simple solution was to keep only my phone in the IoT network.
I have seen issues with the 5ghz before which was why I retired it before. It was replaced with TP-Link Google Home Hub which is fantastic but does not do VLANs.
I am going to ditch this Linksys WRT3200 router and have ordered Ubiquitis Dream Machine. I wanted to get the WiFi 6 Amplifi Alien but that does not support VLANs. I don't think I will buy another Linksys product in the future. They do not stand behind them. I may mess around and try to fix this router - I think the 5ghz components needs to be replaced or maybe if I used the latest OpenWRT firmware.
Good luck to those of you with this router. I am pretty disappointed with it.
Edit 1: I wanted to elaborate on some issues with google garden that I have experienced. If you have grouped minis, sometimes you will not be able to see the groups. This may be an issue with some WiFi devices that are SUPPOSED to be on the network but have been turned off. I am not sure of the details but that may cause some issues in the network since google expects to be able to communicate with them. However, this is an intermittent issue. Sometimes the speaker groups were there and worked great and sometimes they werent. Sometimes I couldn't cast to a particular one. Sometimes my WiFi lights weren't connected. So it was a sporadic painful experience.
Note - i did not have any issues when i used the TP-Link GOogle Home Hub and everything was on 1 WiFi. So it may not be the routers fault, HOWEVER, dropped WiFi signal is most definitely on the router.
The WRT3200ACM works great in general but it does have some issues with IoT stuff on 2.4Ghz. As for your setup in general I would guess that "device discovery" uses broadcast or similar which doesn't work across different networks out of the box at least and while you can work around that the whole point of using a separate VLAN is kinda lost.
I keep my IoT devices on an isolated network, there is no traffic between that network and the safe devices.
All IoT devices I own can be controlled remotely, so I do not need to put my phone on the IoT network. Having two devices at home, that use an external server to communicate between them is sub-optimal, but traffic is insignificant.
I do have to put the phone on the IoT network while I need to configure a new IoT device, however. These devices need to use the same network as the phone that configures them.