Tomato Shibbly wireless AP and VLANs

Discussion in 'Tomato Firmware' started by lovingHDTV, Dec 19, 2017.

  1. lovingHDTV

    lovingHDTV Network Guru Member

    I'm trying to setup two wireless VLANs, that will be tunked out port 1 to my managed switch. From there they will go to my pfSense router. The DHCP server will be done with pfSense.

    I have all the router stuff working as I can connect the WAP into a VLAN port on my switch and all works fine. I'm now trying to get tomato to tag the VLANs for me.

    I attached a picture of what I'm trying to do, but I've since change Guest to be VLAN ID 20 as 2 is already taken by WAN in tomato, so all those 2's changed to 20's.

    The Tomato24 and Tomato50 interfaces work just fine. When I try with Guest24 it just gets stuck trying to get an IP address.

    Any suggestions on how to fix this?

    I've also included pictures of my Tomato setup.


    network_setup.JPG LAN.jpg LANAccess.jpg VirutalWireless.jpg VLAN.JPG
  2. lovingHDTV

    lovingHDTV Network Guru Member

    I turned on the DHCP server for VLAN 3 (id 20) and plugged in a computer to see if I could get an IP. I changed the VLAN settings a bit so that each VLAN has a dedicated port for this test.

    Oddly the port numbers in the VLAN table do not match what is set in NVRAM. In NVRAM they are backwards (inverted) from the GUI, you can see this in the attached picture: nvramVLAN.jpg

    You can see that it says port 4 is tagged for all VLANs, but in the GUI it says port 1. Oddly I have to have port 1 connected or I lose connection to the router, but I do have to use port 3 for vlan3 to work, instead of what the GUI says.

    Not sure if this helps, but it confuses me even more :)
  3. Sean B.

    Sean B. LI Guru Member

    Under WAN settings, select "disabled" for type. You will then have an input box for default gateway.. set it to the IP of your PFsense box.
  4. lovingHDTV

    lovingHDTV Network Guru Member

    I have set the default gateway, but that didn't make any difference. If I connect to Tomato24 or Toma0t50 it all works fine. When I connect to the virtual wireless I never see the DHCP request in pfSense.
  5. Sean B.

    Sean B. LI Guru Member

    Sorry, misread. Check the MAC address of the virtual wireless interface. If it's the same as the parent interface, change it manually and recheck connectivity.
  6. lovingHDTV

    lovingHDTV Network Guru Member

    OK I check and all the mac addresses are different wan, lan, and all three wireless.

    If I ssh into the WAP, I can ping eveything fine:

    All of these are on the pfSense router. So ping can get there.
  7. My Name

    My Name Networkin' Nut Member

    My setup on threeTenda AC15 Routers is similar to yours and works. I am running @Toastman on two of these while one of the AP is running @pedro311 and it works also. The main Tenda AC15 Router is assigning IP Address in my case with a D-Link DGS-1100 Smart Switch between the Main Router and the two access points. Both APs are fed by cat5e cables.

    Try setting your Vlan and VID to the same number on both ends. For example, on the Main Router under Advanced, Vlan

    Vlan 2 VID 2
    Vlan 10 VID 10
    Vlan 11 VID 11

    This is duplicated on both the AP Routers of course the DGS-1100 switch.

    Something jogs my memory of having problems until I did the Vlan, VID same thing. Can't remember for sure but worth a try.
  8. Sean B.

    Sean B. LI Guru Member

    @My Name is correct. The VIDs must be the same on both ends of the link. Didn't catch if your configuration has them different or not, but if so it would be an issue.
  9. lovingHDTV

    lovingHDTV Network Guru Member

    My VLANs are the same, on the router, switch and WAP. However on the WAP I had them numbered 3,4 as the VLAN#, so they looked liked:

    3 20
    4 10

    I changed VLAN 10 to match:

    3 20
    10 10

    And it didn't make any difference. I couldn't make VID 2 match because the vlan number only goes to 15.

    Just to double check. I have my VLANs setup on port 1 with all VLANs set to tag the port. However, when I connect my switch to port1 I cannot get back into the WAP, I have to use a different port. Makes debugging difficult, and makes me wonder if I have something else messed up.

    For the moment I"m just going to hook up two different WAP devices and let the switch do all the tagging, at least I can get it working. I didn't expect this to be so difficult :) It is hard to figure out which piece of the puzzle is broken.

    I did connect the WAP directly to my pfSense router and it still didn't work, but at least with that setup I've removed the switch from the equation.

  10. Sean B.

    Sean B. LI Guru Member

    Try taking the cable from port 1 ( your tagged link port ) and putting it into port #4 on the router.. without changing any configuration from what you've already stated.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice