The issue is that on the other side of the Wireless "WAN" is a modem/router I have no control over. My intended goal is as follows:
Use my RPi to connect to the Wifi of the Router I can't control. - Done
Have a DHCP server on the RPi that can also manage VLAN tagging and still route outbound to the internet. <----- The part where I'm stuck.
Use the Cisco switch to do the VLAN tagging by port and send it via the trunked port to the RPi for management.
Use other AP's to create the SSID's for the various VLAN'd items.
Profit.
What I have been successful so far at doing is connecting to the Wifi as a client and I was able to route the eth0 (LAN) connection using relayd. However, that doesn't allow me to setup a DHCP server and VLAN's and still maintain an active internet connection.
The official guide doesn't clarify anything and my GoogleFu is coming up short.
Any advice?
EDIT Wrote up a little tutorial below on what I ultimately did to get my setup working.
Yes, create vlan subinterfaces on eth0 for each vlan you have and they will be trunked to the c2960.
Assign the WWAN interface to the WAN zone in firewall, so that it masqurades the outgoing traffic.
Assign the subinterfaces you want to have access to the LAN zone in firewall.
For the rest of the subinterfaces create some new zone and allow accordingly.
Following the link and the advice given by @trendy, I was able to get it working with ease.
I also disabled the default LAN connection by removing it from the LAN firewall connection, but only after I had made the VLAN interfaces and software VLAN connections in the LuCi configuration.
Here's the steps (Assuming you have a default config and/or understand you may need to reset...)
There are two parts to this. First go and config it to be attached to the WiFi you need to connect to. Easiest way is to go to Network --> Wireless and next to the description of the WiFi adapter click Scan. Select the WiFi in question and enter in the necessary info. It will offer to create a WWAN interface, accept the defaults there and continue to the next set of steps.
Go to Network --> Interfaces
Click Add New Interface.
Under Protocol of the new interface make sure Static Address is selected.
Name it appropriately, and remember it cannot be renamed once named. (Not that I could see anyways)
Under Cover the following interface click and make a custom interface named (in my case) eth0.110 (so adapter.vlanid# for the ethernet port in this case)
Once you hit submit, it will take you to the configuration page for the interface, configure it for the subnet appropriately. Make sure the Gateway IP is set to whatever IP you are routing your traffic to, so in my case 192.168.1.1 for the router/modem in my setup.
Hit Save, but do NOT apply it yet.
** Repeat each step above for each VLAN you wish to create **
Go to Network --> Firewall next. Click Edit on the WAN interface and under Allow Forward to Destination Zones and Allow Forward from Source Zones select your interfaces you would like to route outwardly.
Once all of that is saved but NOT applied, you can now apply it. At this point, if you removed the LAN from the LAN interface and have only the eth0.vlan# interface attached to it like I have, you will need to connect via your switch OR somehow get VLAN tagging working before you will be able to access it again.
