1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need Help creating VLAN

Discussion in 'Tomato Firmware' started by Livin, Feb 9, 2013.

  1. Livin

    Livin Serious Server Member

    I have searched everywhere and cannot find info/how-to/docs/etc on what I want to do.

    The only reason I need a VLAN is to isolate a 'problem' device (call it DeviceV) from another device (call it DeviceO) on the network... I cannot remove the problem device completely since other devices need to communicate with it.

    Can someone help walk me through what I need to do I create a new VLAN for DeviceV that will still allowing the DeviceV to talk to all other devices - just block communications to DeviceO.

    thank you!
  2. gfunkdave

    gfunkdave LI Guru Member

    Install a VLAN build of Tomato and look at the LAN Access screen under Advanced.
  3. Livin

    Livin Serious Server Member

    What you just did was akin to pointing to the ocean when a man asked you to teach him how to be a fisherman. The man likely already knows where the fish are an how to get there, otherwise he would not have asked for you to explain to the best way to be a fisherman.

    I have a VLAN build installed and know where it is... I asked for a "walk through" with my SPECIFIC config needed. If you can help thank you.
  4. kthaddock

    kthaddock Network Guru Member

    Have you seen this guide?
  5. Livin

    Livin Serious Server Member


    I have not seen that guide, it helped a bit but I still cannot get it working. I have included what I tried, can you help me sort out why it is not working?

    Please remember, the VLAN I'm trying to create is NOT wireless, I need to pull a physical port from the router and make it a VLAN.

    original VLAN settings...

    after attempting to setup new VLAN and bridge LAN(br0) to it as a test...


  6. kthaddock

    kthaddock Network Guru Member

    Okey that is fine you have moved port 4 to Vlan 3 and Br1.
    If you want to use tagged switch,802.1Q, on port 4 then you need tagged with what you want to sent in "trunked" line (port4 cable)
    You can "send" Br0, Br1 and WAN in tagged port at the same time.
  7. Livin

    Livin Serious Server Member

    I only moved port 4 to make my VLAN settings match the how-to you pointed me to. I have not found anything to tell me how the Ports on the VLAN page match up to the physical ports on my router. The router ports are not numbered. I have a Belkin... is port #1 the bottom port, or the port closest to the physical "Modem" port? I assumed the WAN port was the physical "Modem" port

    Also, do I need to use tagging? I was thinking I could simply create 2 different IP Address ranges, assigned the new range 192.168.3.x to VLAN3 - then simply create static routes for the devices I DO want to have talk to each other... and with having separate VLANS the problem device would be isolated on VLAN3 and DHCP/uPnP/etc boradcasts would not cross into VLAN1?

    Is this correct thinking?
    - If yes what is my config missing?

    thx again... I promise to post a how-to once I get this done - there must be other who would like to do the samething.
  8. kthaddock

    kthaddock Network Guru Member

    If you want to get physical port then just uncheck 3 checkbox and move your LAN cable until you have contact.
    I think you can have 2 VLAN in same subnet. VLAN 1 – 127 VLAN 3 – 254 and netmask
    IPaddress: and ( I'm not 100% sure about this)
  9. gfunkdave

    gfunkdave LI Guru Member

    You gave little to no info on your setup and asked a very vague question.

    What router are you using? Why do you have your port 4 mapped to WAN and your WAN port mapped to the LAN?

    What LAN subnets do you have configured on Basic -> Network? (i.e., what are br0 and br1?) Do you have DHCP enabled?

    As things stand, you are allowing all connections both directions between the two VLANs, so your "problem device" will still be able to communicate with other devices. Uncheck one of the boxes (depending on what you need the problem device for) to prohibit one network to open communications with the other.

Share This Page