WiFi VLAN Config

grashopr · July 20, 2019, 4:24am

I'm trying to implement the following config...
Linksys_vlans_config

My question is, Can OpenWRT put 2.4GHz traffic on specific vlans?

I've read some older forums that seem to point to OpenWRT not able to route WiFi traffic to VLANS. Without that functionality I won't be able to do what I'm intending to configure.

Thanks,

Grashopr

jeff · July 20, 2019, 4:28am

Yes, you bridge the SSID with the Ethernet interface that carries the VLAN you desire. Multiple SSIDs can be used (on wireless hardware that support them) to, for example, have a 2.4 GHz IoT SSID, another for guests, and a third for "trusted clients", all on their own VLANs.

802.11 itself doesn't support VLANs.

grashopr · July 20, 2019, 4:48am

If I understand that, I have to dedicate one Ethernet interface to VLAN 2 traffic from the 2.4 network? So I can't plug anything into it that I don't want to be on VLAN 2?

jeff · July 20, 2019, 5:03am

Once you get to devices that aren’t both VLAN-aware and trusted, you need to be down to a single subnet per physical net. Trunking multiple VLANs over a single Ethernet cable to a managed switch is common practice when wired devices are involved.

juppin · July 20, 2019, 8:11am

You don't need a physical port for your vlans.
Simply create a new wireless network on your 2.4 wifi device and add it to a newly created vlan without physical port.

moocan · March 18, 2020, 9:40pm

Hello,

How and where to add a new created wireless network to a newly created vlan ?
Could you explain please ?
I'm trying to but don't see where to do it.

Kind Regards
Moo

juppin · March 19, 2020, 11:36am

Are you using luci, uci or plain config files for configuration?

moocan · March 20, 2020, 6:52am

Hello,

Many thanks for your reply.
I'm trying using luci.
But I will follow your way.
Could you share example or screen capture ?

Kind Regards

moocan · March 30, 2020, 8:35am

Hello,

Any updates ?
Thank you for your help

Kind Regards

juppin · March 30, 2020, 8:57am

The setup is really straight forward...
You don't put your ap interfaces directly to a vlan, instead you create a bridge to which your wifi and your desired vlan is attached.
For the networks without a real vlan, create also a bridged interface with attached wifi ap, assign ip and create a firewall zone for each.

If you are struggling with this setup, i believe you won't be able to setup the other desired services like vpn and captive portal.

Good luck.

moocan · April 1, 2020, 1:26pm

Hello,

Thanks for your reply.
I was not understanding this sentence

Simply create a new wireless network on your 2.4 wifi device and add it to a newly created vlan without physical port.

Now I think I understand.

Create a VLAN with off for all switch port
Create a bridge over eth.vid and wifiAP
... Firewall zone ..

Thank you

Kind Regards