From: Jeremy Tourville <jeremy_tourville@hotmail.com>
To: "cerowrt-users@lists.bufferbloat.net"
<cerowrt-users@lists.bufferbloat.net>
Subject: [Cerowrt-users] How to setup VLANs?
Date: Mon, 15 Apr 2013 15:50:22 -0500 [thread overview]
Message-ID: <BLU178-W19AE1DA886A51D56DA816EFACC0@phx.gbl> (raw)
[-- Attachment #1: Type: text/plain, Size: 6904 bytes --]
Hello,
I am trying to setup my WNDR3800 such that I have two vlans- one for my regular network and another for my VoIP equipment. I am connected to the internet via DSL connection. I hand configured my config files (network, firewall and dhcp) Upon reboot my I cannot login via the wired interface, I have to use wireless. I have used openwrt in the past starting with version 8.09 and most recently 10 (backfire) on my Asus WL520GU router. I do have a working config with two VLANs on the Asus system. While there are many similarities I can see there are enough differences that make things a little more complex. What am I doing wrong? I'd be glad to write up a document and post it for the benefit of everyone if I can make this work. Here are copies of my config files- with passwords changed to something generic for my dsl service (my real files have the correct info). I also removed some info to hopefully keep this email small enough for the list. I also reviewed what was written in another forum for some answers - http://www.mail-archive.com/cerowrt-devel@lists.bufferbloat.net/msg00595.html Many thanks in advance for your assistance.
Network
config interface 'se00'
option ifname 'se00'
option proto 'static'
option ipaddr '172.30.42.1'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'se01'
option ifname 'se01'
option proto 'static'
option ipaddr '172.30.42.33'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'ge00'
option ifname 'ge00'
option proto 'pppoe'
option username 'myusername'
option password 'mypassword'
config switch
option name 'rtl8366s'
option reset '1'
option blinkrate '2'
option max_length '3'
option enable_vlan '1'
option enable_vlan4k '1'
config switch_vlan
option device 'rtl8366s'
option vlan '1'
option ports '2 3 5t'
config switch_vlan
option device 'rtl8366s'
option vlan '2'
option ports '0 1 5t'
config switch_port
option device 'rtl8366s'
option port '1'
option led '6'
config switch_port
option device 'rtl8366s'
option port '2'
option led '9'
config switch_port
option device 'rtl8366s'
option port '5'
option led '2'
Firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option drop_invalid '1'
option syn_flood '1'
option synflood_rate '200'
option synflood_burst '500'
option tcp_ecn '1'
config zone
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option name 'wan'
option masq '1'
option mtu_fix '1'
option network 'ge00'
config zone
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
option name 'lan'
option network 'se00 se01 sw00 sw10'
config forwarding
option dest 'wan'
option src 'lan'
config forwarding
option dest 'lan'
option src 'wan'
config zone
option input 'ACCEPT'
option output 'ACCEPT'
option name 'guest'
option forward 'ACCEPT'
option network 'gw00 gw01 gw10 gw11'
config forwarding
option dest 'wan'
option src 'guest'
config forwarding
option dest 'guest'
option src 'lan'
config forwarding
option dest 'guest'
option src 'wan'
config rule
option target 'ACCEPT'
option name 'domain'
option src '*'
option dest '*'
option dest_port '53'
config rule
option target 'ACCEPT'
option name 'ntp'
option proto 'udp'
option dest '*'
option src '*'
option dest_port '123'
config rule
option target 'ACCEPT'
option name 'dhcp4'
option family 'ipv4'
option proto 'udp'
option src '*'
option dest '*'
option dest_port '68'
config rule
option target 'ACCEPT'
option name 'printers'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '631'
config rule
option target 'ACCEPT'
option name 'Useful Services'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '80 443 873 993'
config rule
option target 'ACCEPT'
option name 'ipv6 dfz'
option family 'ipv6'
option proto 'all'
option src '*'
option dest 'guest'
config rule
option target 'ACCEPT'
option name 'icmpv6'
option family 'ipv6'
option proto 'icmp'
option src '*'
option dest '*'
config rule
option src 'wan'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 9091 8123'
option name 'blockconfig'
option target 'DROP'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option src 'guest'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 8123'
option name 'blockconfig2'
option target 'DROP'
DHCPconfig dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/home.lan/'
option domain 'home.lan'
option expandhosts '1'
option port '53'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option cachesize '5000'
option dhcpscript '/etc/dnsmasq_net6.sh'
list notinterface 'ge00'
config dhcp 'se00'
option interface 'se00'
option start '2'
option limit '26'
list dhcp_option '42,0.0.0.0'
list dhcp_option '44,0.0.0.0'
list dhcp_option '45,0.0.0.0'
list dhcp_option '46,8'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'se01'
option interface 'se01'
option start '34'
option limit '4'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'ge00'
option interface 'ge00'
option ignore '1'
config domain
option name 'gw.home.lan'
option ip '172.30.42.1'
config domain
option name 'wpad.home.lan'
option ip '172.30.42.1'
[-- Attachment #2: Type: text/html, Size: 14906 bytes --]
next reply other threads:[~2013-04-15 20:50 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-15 20:50 Jeremy Tourville [this message]
2013-04-16 6:11 ` Dave Taht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BLU178-W19AE1DA886A51D56DA816EFACC0@phx.gbl \
--to=jeremy_tourville@hotmail.com \
--cc=cerowrt-users@lists.bufferbloat.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox