1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

no internet access from vlan

Discussion in 'Tomato Firmware' started by Jimmy, Aug 2, 2012.

  1. Jimmy

    Jimmy Networkin' Nut Member

    using Tomato Firmware v1.28.7499 MIPSR2Toastman-VLAN-RT K26 Std on an ASUS RT-N16

    WAN disabled and WAN port bridged
    main IP of device is 192.168.100.15
    default gateway 192.168.100.1
    default static DNS 192.168.100.3

    vlan2/br1 setup, dhcp turned on, ip 10.0.0.1/255.255.255.0

    At this point I understand that I need iptables rules to:
    1) allow clients on the 10.0.0.1 subnet (plugged in to the port labeled "4") access to the internet
    2) block access from 10.0.0.1 subnet to the main LAN (192.168.100 /24)

    Unfortunately, iptables pretty much melts my brain. Can someone give me the correct iptables rules?

    Right now if I plug in a cable at ports 1, 2, or 3 I do get an IP address on the 192.168.100 subnet (from my LAN gateway) and internet access functions as expected.

    Plug in on port 4 though and I get an IP on the 10.0.0 subnet but no internet access.

    Thanks in advance for any help/hints you can give :)

    Here's what my vlan's and interfaces look like now:

    root@unknown:/tmp/home/root# nvram show | grep vlan.ports
    vlan0ports=
    vlan1ports=2 3 4 8*
    vlan2ports=0 8
    vlan3ports=1 8

    root@unknown:/tmp/home/root# ifconfig -a
    br0 Link encap:Ethernet HWaddr 20:CF:30:CE:1F:E0
    inet addr:192.168.100.15 Bcast:192.168.100.255 Mask:255.255.255.0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:4949 errors:0 dropped:0 overruns:0 frame:0
    TX packets:859 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:557402 (544.3 KiB) TX bytes:617274 (602.8 KiB)

    br1 Link encap:Ethernet HWaddr 20:CF:30:CE:1F:E0
    inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:0 (0.0 B) TX bytes:2268 (2.2 KiB)

    eth0 Link encap:Ethernet HWaddr 20:CF:30:CE:1F:E0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:5074 errors:0 dropped:0 overruns:0 frame:0
    TX packets:5254 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:697753 (681.3 KiB) TX bytes:1188400 (1.1 MiB)
    Interrupt:4 Base address:0x2000

    eth1 Link encap:Ethernet HWaddr 20:CF:30:CE:1F:E2
    UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
    Interrupt:3 Base address:0x1000
    imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-0 0-00
    NOARP MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:30
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
    imq1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-0 0-00
    NOARP MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:30
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
    imq2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-0 0-00
    NOARP MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:30
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
    RX packets:29 errors:0 dropped:0 overruns:0 frame:0
    TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:3192 (3.1 KiB) TX bytes:3192 (3.1 KiB)
    vlan1 Link encap:Ethernet HWaddr 20:CF:30:CE:1F:E0
    UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:4341 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:0 (0.0 B) TX bytes:565206 (551.9 KiB)
    vlan2 Link encap:Ethernet HWaddr 20:CF:30:CE:1F:E1
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:5074 errors:0 dropped:0 overruns:0 frame:0
    TX packets:859 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:606421 (592.2 KiB) TX bytes:620710 (606.1 KiB)
    vlan3 Link encap:Ethernet HWaddr 20:CF:30:CE:1F:E0
    UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:0 (0.0 B) TX bytes:2484 (2.4 KiB)
     

Share This Page