1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Newbie help please (port 4 switch as vlan2)

Discussion in 'DD-WRT Firmware' started by davibou, May 8, 2006.

  1. davibou

    davibou Guest

    Hello everyone !!!

    i have a WRT54G v1 with firmware dd-wrt.v23_wrt54g.bin and want to put port 4 switch on a different Vlan ( vlan 2 ) with this rules.

    - LAN can ping Vlan2
    - Vlan2 can't ping LAN
    - both LAN and Vlan 2 have INTERNET acces
    - INTERNET have acces to Vlan2

    So i try this trick
    4Access solution ( thanks 4Access you are great)

    After reboot:

    - my LAN can ping VLAN2 (ok thats what i wan't)
    - LAN have internet acces (ok thats what i wan't)
    - INTERNET have no acces to LAN (ok thats what i wan't)
    - VLAN2 can't ping LAN machine but still ping LAN router ip (192.168.1.1) ( strange that VLAN2 in 10.0.0.254 can ping LAN router ip in 192.168.1.1 )
    - INTERNET have no acces to VLAN2 (That's not what i want )


    Please help me to finish configuration
    Thanks
    Regards David
     
  2. BigDog_UMG

    BigDog_UMG Network Guru Member

    This will put port 4 on subnet 192.168.200.xx


    ** set the following nvram variables **
    nvram set vlan0ports="1 2 3 5*"
    nvram set vlan2hwname=et0
    nvram set vlan2ports="4 5"

    ** set nvram variable 'rc_firewall' to the following: **
    ifconfig vlan2 192.168.200.1 netmask 255.255.255.0
    iptables -I INPUT 9 -i vlan2 -p udp --dport 67:68 --sport 67:68 -j logaccept
    iptables -I INPUT 9 -i vlan2 -p udp --dport 53 -j logaccept
    iptables -I FORWARD 5 -i vlan2 -j lan2wan
    iptables -I FORWARD 11 -i vlan2 -m state --state NEW -j logaccept

    in the web interface Administration -> Management
    ** set DNSMasq additional options **
    listen-address=192.168.200.1
    dhcp-range=192.168.200.100,192.168.200.149,1440m

    The dnsmasq entries allow port4 to get a dynamic address.
     

Share This Page