Problems with dumb ap and switch E2000

That's great!
Now you can assign all the switch ports to the same vlan untagged. Careful, because the CPU port needs to be tagged on the same vlan.
You can test plug in an ethernet cable on each port on the router and see on the luci page which port will be enabled. This way you can map the router port to the switch ports. The other port, usually 0 or 6 is the CPU.
If you are not sure, post here a screenshot from Luci or swconfig dev switch0 show

Its working now, but I dont see an interface for the switch. It works, but I cant see which IP address its reachable on. I want ti to be reachable like in how it was in br-lan mode. I'm also getting this message: Switch eth0 has an unknown topology - the VLAN settings might not be accurate.

If you are only getting this one, then I am out of ideas.

Its working, but I made an interface for lan again so I can reach it, but it doesnt work from outside of the e2000. I cant reach it through that ip. But when i'm connected by utp to that router, then he is reachable.

Alright, let's see what can be the issue.
uci export network ; uci export firewall ; ip -4 addr; ip -4 ro

1 Like
uci export network:

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd8a:6a20:423f::/48'

config interface 'wireless'
        option ifname 'wlan0'
        option proto 'static'
        option ipaddr '192.168.2.1'
        option netmask '255.255.255.0'

config switch 'eth0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan 'eth0_1'
        option device 'eth0'
        option vlan '1'
        option ports '5t 4 3 2 1 0'

config switch_vlan 'eth0_2'
        option device 'eth0'
        option vlan '2'
        option ports '5t 4t'

config switch_vlan 'eth0_3'
        option device 'eth0'
        option vlan '3'
        option ports '4t 3t'

config switch_port
        option device 'eth0'
        option port '3'
        option pvid '3'

config interface 'lan'
        option ifname 'eth0'
        option proto 'static'
        option netmask '255.255.255.0'
        list dns '192.168.1.1'
        option ipaddr '192.168.1.2'
        option gateway '192.168.1.1'

uci export firewall:
config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'wireless lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

ip -4 addr:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
8: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    inet 192.168.2.1/24 brd 192.168.2.255 scope global wlan0
       valid_lft forever preferred_lft forever

ip -4 ro:
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 scope link  src 192.168.1.2
192.168.2.0/24 dev wlan0 scope link  src 192.168.2.1

1 Like

config interface 'wireless'
the option ifname 'wlan0' is not needed, you have already assigned it in wireless config.

Remove the following

config switch_vlan 'eth0_2'
        option device 'eth0'
        option vlan '2'
        option ports '5t 4t'

config switch_vlan 'eth0_3'
        option device 'eth0'
        option vlan '3'
        option ports '4t 3t'

config switch_port
        option device 'eth0'
        option port '3'
        option pvid '3'

Append .1 after eth0

config interface 'lan'
        option ifname 'eth0'

so it will be eth0.1
Let us know how it goes.

No, doesnt work. Still no activity on outside lan on his 192.168.1.2.
My ports are also not corresponding correctly and port 2 isnt working.

I want to make this work, only from a learning standpoint and I'd like to have all my switches, aps and routers on the same CF. But if it's not possible, then I will revert back to DD-WRT, that was working flawlessly.

Before giving up can you post a screenshot from Luci Network-Switch page or the output of swconfig dev switch0 show

Sorry for the long wait. I will do this next weekend...