I have a pfSense box behind my Archer C7 (Lede 17.01.4 as dumb wireless ap).
On the pfSense box I have configured VLAN 10, 20, 30 and 40 on the 3rd ethernet port.
A cable for the 3rd ethernet port goes in to the 1st port on the Archer C7.
192.168.10.xx - VLAN 10 is for network devices (wireless ap's, switches etc).
192.168.20.xx - VLAN 20 is normal LAN.
192.168.30.xx - VLAN 30 is WIFI.
192.168.40.xx - VLAN 40 is Management LAN
How can I put the Lede device in VLAN 10?
I need to be able to access the Lede device on it's VLAN 10 IP address (192.168.10.xx).
Is there a way I can let the LAN interface "talk" over VLAN 10?
Thanks for the reply.
I've read those 2 guides/links.
But what I want is the LAN interface to be assigned to VLAN 10.
(link the excisting LAN interface to the VLAN 10)
So that I can access the device on it's VLAN IP (192.168.10.xx).
[UPDATE] I managed to get it to work now! Thanks for the links!
Create the 4 VLANs in the switch. Have them all tagged in the CPU port and the port that goes to the pfsense box. Have nothing untagged on these two ports.
You can set some of the VLANs untagged on other Ethernet ports to make them available to regular Ethernet devices. Such ports should be untagged in only one VLAN and off in all the others.
Then create 4 network interfaces one for each VLAN and attach to eth0.X. Nothing should be attached to plain eth0. VLANs that do not pass IP traffic to the router Linux do not need an IP address (for example 30, which is just bridged to the wifi radio). Use the "Unmanaged" setting for those.
Make sure you assign VLAN10 (eth1.10) to the LAN firewall and set the IP address of the interface to either DHCP or an available IP address in your VLAN10 subnet.
You might also keep a single port configured with the normal/default LEDE LAN so you have easy admin access if necessary (you can change the IP address of the default LAN interface if you need/want, but keep it otherwise default for now and keep one port associated, untagged, with that LAN).
Thanks guys!!
I finally managed to get it to work with your help. Kudos!
VLAN 10, 20, 30 and 40 are tagged on the CPU port.
They are also tagged on port 1 (which is connected to the pfSense box).
Port 2 and 3 are untagged for vlan20 (normal LAN).
Port 4 is untagged for vlan10 (network devices LAN), just for testing purposes.
Created 4 interfaces and assigned them to eth1.10 (20, 30 and 40).
Gave interface eth1.10 an IP in the vlan10 range.
After that I changed the LAN interface to eth1.10
Last but not least I removed vlan1 and 2 on the switch.
