Router connected with VLANs doesn't work via Wireless (but Wired connection works)

SergioO · November 23, 2021, 3:40am

Hello Folks. Good day.

I’ve been struggling with an issue for several days, spent many hours searching and testing different configs but I was not able to solve the issue yet.

I have two routers connected via CAT5 cable. Router A is a WRT1900ACS with version 21.02.1. Router B is a Netgear R7800 also with 21.02.1.

The LAN4 port of Router A is connected to the WAN port of Router B.

Router A have two Interfaces create and associated with VLAN 10 and VLAN 20. Router A have DHCP server configured for both VLANs (different IP ranges). Router A have the LAN4 port Tagged for both VLAN 10 AND VLAN 20.

Router B (with firewall service disabled) have also the VLAN 10 and VLAN 20 setup. WAN port is tagged on both VLAN 10 and VLAN 20. Router B have LAN1 untagged on VLAN 10 and LAN2 untagged on VLAN 20.

If I plug laptop cable on Router B LAN1 port, it receives the DHCP information from Router A VLAN 10 and all traffic flows with no issues. The same happens if I connect the laptop on Router B LAN2. All works as expected.

However, The goal is also to use Router B as Wireless Access Point and, when I create a Wireless Network and attach it to the same interface as the wired, it doesn't work. The SSID shows up, and wireless clients tries to connect, but apparently it was not able to reach the DHCP server on Router A. I even tried using the static IP, but, it connects but there’s not traffic.

I really hope to get some light on the issue, please request any additional information as needed.

I appreciate any ideas on how to make the wireless behaves as the wired on Router B. Thank you very much.

jaromanda · November 23, 2021, 4:24am

your configuration files would help diagnosing your problem - you probably did something wrong™

flygarn12 · November 23, 2021, 6:58am

To begin with we need config files for network and wireless from router B since the wired devices work on router B the VLAN uplink to router A is obviously good and working as it should be.

SergioO · November 23, 2021, 2:18pm

Hi.
Thanks for the feedback @flygarn12 and @jaromanda

I posted below the 3 files I think are relevant for this issue. If there's anything else needed, just let me know please.

Thank you very much.

Router B /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd69:c5ea:17a3::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth1.1'

config interface 'lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option device 'eth1.10'
	option ipaddr '192.168.10.2'
	option gateway '192.168.10.1'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '10'
	option ports '0t 6t 4 5t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '20'
	option ports '0t 6t 3 5t'

config interface 'lan20'
	option proto 'static'
	option device 'eth1.20'
	option ipaddr '192.168.20.2'
	option netmask '255.255.255.0'
	option gateway '192.168.20.1'
	option type 'bridge'

Router B /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option channel '36'
	option hwmode '11a'
	option path 'soc/1b500000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
	option htmode 'VHT80'
	option disabled '1'

config wifi-device 'radio1'
	option type 'mac80211'
	option channel '11'
	option hwmode '11g'
	option path 'soc/1b700000.pci/pci0001:00/0001:00:00.0/0001:01:00.0'
	option htmode 'HT20'
	option cell_density '0'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option encryption 'none'
	option ssid 'WLAN10'

config wifi-iface 'wifinet1'
	option device 'radio1'
	option mode 'ap'
	option ssid 'WLAN20'
	option encryption 'none'
	option network 'lan20'

Router B /etc/config/firewall

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'

config include
	option path '/etc/firewall.user'

And here are some of the interface screenshots, also from Router B.

flygarn12 · November 23, 2021, 2:56pm

You have static IP for the interfaces on router B. You should probably use unmanaged or dhcp client for interfaces on router B instead and let router A handle the DHCP server leases.
Then router B is simply a managed switch/access point.
But be aware that you will need a interface in router B as dhcp client to manage router B system (LuCi) but that is still controlled from router A DHCP server.

https://forum.openwrt.org/t/use-ssid-in-specific-vlan-wifi-connection-can-not-be-established/108885?u=flygarn12
There are some more info in this tread.

pavelgl · November 23, 2021, 4:34pm

Your configuration in /etc/config/network doesn’t seem to be correct. Make it look like the one below, restart the network service and run brctl show

You should see 2 bridges:

br-vlan10 with members eth1.10 and wlan1
br-vlan20 with members eth1.20 and wlan1-1

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd69:c5ea:17a3::/48'

config device
	option name 'br-vlan10'
	option type 'bridge'
	list ports 'eth1.10'

config device
	option name 'br-vlan20'
	option type 'bridge'
	list ports 'eth1.20'

config interface 'lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option device 'br-vlan10'
	option ipaddr '192.168.10.2'
	option gateway '192.168.10.1'

config interface 'lan20'
	option proto 'static'
	option device 'br-vlan20'
	option ipaddr '192.168.20.2'
	option netmask '255.255.255.0'
	option gateway '192.168.20.1'
	
config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '10'
	option ports '6t 4 5t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '20'
	option ports '0t 3 5t'

SergioO · November 23, 2021, 11:38pm

@pavelgl That's awesome! It works perfectly now. So, what I can figure out is that I need one bridge interface for each vlan. Thank you very much for the help. This is resolved now.

@flygarn12 Thank you for the comments. I actually changed the interfaces to 'Unmanaged' and the bridge works as expected. I might just need to actually have one of the interfaces with an IP for management purposes.

Thank you All. All help is appreciated.

Have a nice day.

system · December 3, 2021, 11:39pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.