WRT320N cannot separate VLANs

Discussion in 'Tomato Firmware' started by hunst, Jul 30, 2011.

  1. hunst

    hunst Networkin' Nut Member

    Hello there,

    I'm trying to separate my ports into 2 VLAN that cannot route between em (one is my internal network and the other one is a free hospot connexion). They're actually separated like this :

    vlan1ports="2 1 8*"
    vlan2ports="0 8"
    vlan3ports="4 3 8"

    This part is working and the vlans are effectively on a different network ( and

    But i can't get the VLAN 1 and VLAN 2 not communicating between them, even if im setting iptables rules correctly.
    Here's what's in my firewall script init :

    iptables -I INPUT -i vlan3 -j ACCEPT;
    iptables -I FORWARD -i vlan3 -o vlan2 -m state --state NEW -j ACCEPT;
    iptables -I FORWARD -i vlan3 -o br0 -j DROP;

    is something that im not doing correctly ? oh btw im using the tomato2.6usb standard firmware. Thanks in advance !
