VLAN config problems on GL.iNet GL-MT6000

Hi there - I desperately need help :confused:

I have problems setting up VLANs with the "new" DSA config (yes, my old routers run very old configs).

I created additional bridge interfaces, gave them ip addresses and configured dhcp, but all my clients still end up in the default bridge interface with an ip in the 192.168.1. range, not any of the new VLANs.
On top of that, the second I enable the vlan_filtering checkbox, I'm completely locked out - I even bricked the whole device twice and had to hard reset :frowning:

Here are my relevant configurations - I really hope one of you comes up with the hint that I have been missing for hours now.

network:

#... some original config
config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'lan5'
        option vlan_filtering '0'
#... some original config

config bridge-vlan
        option device 'br-lan'
        option vlan '99'
        list ports 'lan1:u*'
        list ports 'lan2:u*'
        list ports 'lan3:u*'
        list ports 'lan4:u*'
        list ports 'lan5:u*'

config bridge-vlan
        option device 'br-lan'
        option vlan '4'
        list ports 'lan1:t'

config bridge-vlan
        option device 'br-lan'
        option vlan '42'
        list ports 'lan1:t'

config interface 'unauthenticated'
        option proto 'static'
        option device 'br-lan.99'
        option ipaddr '10.23.99.1'
        option netmask '255.255.255.0'

config interface 'internal'
        option proto 'dhcp'
        option device 'br-lan.42'
        option ipaddr '10.23.42.1'
        option netmask '255.255.255.0'

config interface 'iot'
        option proto 'dhcp'
        option device 'br-lan.4'
        option ipaddr '10.23.4.1'
        option netmask '255.255.255.0'

firewall changes:

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'unauthenticated'
        list network 'internal'
        list network 'iot'

dhcp changes:


config dhcp 'unauthenticated'
        option interface 'unauthenticated'
        option start '100'
        option limit '150'
        option leasetime '12h'

config dhcp 'internal'
        option interface 'internal'
        option start '100'
        option limit '150'
        option leasetime '12h'

config dhcp 'iot'
        option interface 'iot'
        option start '100'
        option limit '150'
        option leasetime '12h'

and wireless changes:

config wifi-iface 'default_radio1'
        option device 'radio1'
-        option network 'lan'
+        option network 'unauthenticated'

I'm planning to separate those further (and not put them into the same firewall zone), but as for now, not even this is working, so I'm trying to keep it simple.

Remove the last line of this section:

These two interfaces have the wrong proto... it should be proto static

Reboot and then try again.

Thank you, I corrected the proto to static and rebooted.

After that, I tried to remove the option vlan_filtering '0' line from LUCI (at least that rolls back after 90 seconds), and again, the instant I enable vlan_filtering, I just lose all connectivity to the router :frowning:

Oh my god, the leap of faith of "remove it then reboot" did work. Thank you so much. I have been so discouraged that I didn't have the courage to try that on my own.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.