[Cerowrt-users] How to setup VLANs?
Jeremy Tourville
jeremy_tourville at hotmail.com
Mon Apr 15 16:50:22 EDT 2013
Hello,
I am trying to setup my WNDR3800 such that I have two vlans- one for my regular network and another for my VoIP equipment. I am connected to the internet via DSL connection. I hand configured my config files (network, firewall and dhcp) Upon reboot my I cannot login via the wired interface, I have to use wireless. I have used openwrt in the past starting with version 8.09 and most recently 10 (backfire) on my Asus WL520GU router. I do have a working config with two VLANs on the Asus system. While there are many similarities I can see there are enough differences that make things a little more complex. What am I doing wrong? I'd be glad to write up a document and post it for the benefit of everyone if I can make this work. Here are copies of my config files- with passwords changed to something generic for my dsl service (my real files have the correct info). I also removed some info to hopefully keep this email small enough for the list. I also reviewed what was written in another forum for some answers - http://www.mail-archive.com/cerowrt-devel@lists.bufferbloat.net/msg00595.html Many thanks in advance for your assistance.
Network
config interface 'se00'
option ifname 'se00'
option proto 'static'
option ipaddr '172.30.42.1'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'se01'
option ifname 'se01'
option proto 'static'
option ipaddr '172.30.42.33'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'ge00'
option ifname 'ge00'
option proto 'pppoe'
option username 'myusername'
option password 'mypassword'
config switch
option name 'rtl8366s'
option reset '1'
option blinkrate '2'
option max_length '3'
option enable_vlan '1'
option enable_vlan4k '1'
config switch_vlan
option device 'rtl8366s'
option vlan '1'
option ports '2 3 5t'
config switch_vlan
option device 'rtl8366s'
option vlan '2'
option ports '0 1 5t'
config switch_port
option device 'rtl8366s'
option port '1'
option led '6'
config switch_port
option device 'rtl8366s'
option port '2'
option led '9'
config switch_port
option device 'rtl8366s'
option port '5'
option led '2'
Firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option drop_invalid '1'
option syn_flood '1'
option synflood_rate '200'
option synflood_burst '500'
option tcp_ecn '1'
config zone
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option name 'wan'
option masq '1'
option mtu_fix '1'
option network 'ge00'
config zone
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
option name 'lan'
option network 'se00 se01 sw00 sw10'
config forwarding
option dest 'wan'
option src 'lan'
config forwarding
option dest 'lan'
option src 'wan'
config zone
option input 'ACCEPT'
option output 'ACCEPT'
option name 'guest'
option forward 'ACCEPT'
option network 'gw00 gw01 gw10 gw11'
config forwarding
option dest 'wan'
option src 'guest'
config forwarding
option dest 'guest'
option src 'lan'
config forwarding
option dest 'guest'
option src 'wan'
config rule
option target 'ACCEPT'
option name 'domain'
option src '*'
option dest '*'
option dest_port '53'
config rule
option target 'ACCEPT'
option name 'ntp'
option proto 'udp'
option dest '*'
option src '*'
option dest_port '123'
config rule
option target 'ACCEPT'
option name 'dhcp4'
option family 'ipv4'
option proto 'udp'
option src '*'
option dest '*'
option dest_port '68'
config rule
option target 'ACCEPT'
option name 'printers'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '631'
config rule
option target 'ACCEPT'
option name 'Useful Services'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '80 443 873 993'
config rule
option target 'ACCEPT'
option name 'ipv6 dfz'
option family 'ipv6'
option proto 'all'
option src '*'
option dest 'guest'
config rule
option target 'ACCEPT'
option name 'icmpv6'
option family 'ipv6'
option proto 'icmp'
option src '*'
option dest '*'
config rule
option src 'wan'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 9091 8123'
option name 'blockconfig'
option target 'DROP'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option src 'guest'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 8123'
option name 'blockconfig2'
option target 'DROP'
DHCPconfig dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/home.lan/'
option domain 'home.lan'
option expandhosts '1'
option port '53'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option cachesize '5000'
option dhcpscript '/etc/dnsmasq_net6.sh'
list notinterface 'ge00'
config dhcp 'se00'
option interface 'se00'
option start '2'
option limit '26'
list dhcp_option '42,0.0.0.0'
list dhcp_option '44,0.0.0.0'
list dhcp_option '45,0.0.0.0'
list dhcp_option '46,8'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'se01'
option interface 'se01'
option start '34'
option limit '4'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'ge00'
option interface 'ge00'
option ignore '1'
config domain
option name 'gw.home.lan'
option ip '172.30.42.1'
config domain
option name 'wpad.home.lan'
option ip '172.30.42.1'
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-users/attachments/20130415/017cc9a3/attachment-0002.html>
More information about the Cerowrt-users
mailing list