Help setting up VLAN on ASUS RT-AC68U

[58chev]

@Martineau

After upgrading to Merlin 384.7_2 the following would not work properly, at least in my case.
Could no longer ping 192.168.20.1 from my switch

VLANSwitch.sh 20 $OPTION autodnsmasq "alias=Guest"

while fiddling around last night it would only work with bridge added to the line.

But is there a reason now that instead of VLAN 20 I now get VLAN 124 ?
Not a big deal, just have to spend some time to reconfigure my AP to work on that VLAN, and add that vlan to my switch.

 

[Martineau]

@Martineau

After upgrading to Merlin 384.7_2 the following would not work properly, at least in my case.
Could no longer ping 192.168.20.1 from my switch

VLANSwitch.sh 20 $OPTION autodnsmasq "alias=Guest"

while fiddling around last night it would only work with bridge added to the line.

But is there a reason now that instead of VLAN 20 I now get VLAN 124 ?
Not a big deal, just have to spend some time to reconfigure my AP to work on that VLAN, and add that vlan to my switch.

The 'bridge' directive was added to complement the 'notag' directive for configuring the VLAN Switch port for users with no downstream VLAN capable switch, subsequently I wanted to ensure that the default naming convention did not conflict (as described in post #25.

Without further information it will be difficult to determine what precisely changed in your environment to apparently break the script.

P.S. I would recommend not attempting to configure a switch port between the two methods without first deleting all dnsmasq entries first.

 

[58chev]

Without further information it will be difficult to determine what precisely changed in your environment to apparently break the script.

As to why I lost connection to VLAN 20, I can't say. Other than the upgrade to the latest Merlin??? That was the only change, and that was a dirty install. I figure next FW update, I'll do a complete fresh install of everything.

P.S. I would recommend not attempting to configure a switch port between the two methods without first deleting all dnsmasq entries first.

This I did do, cleaned out entries in both dnsmasq files. after running the VLANSwitch del command. Even ran the status to make sure the vlan was removed.

No other vlans aside from the default on the router. On my switch only vlan 1 and 20.

Without the bridge option, I could no longer ping the vlan ip from my switch. like I said, not a big deal, just a bit of reconfig on my side.

 

[Martineau]

As to why I lost connection to VLAN 20, I can't say. Other than the upgrade to the latest Merlin??? That was the only change, and that was a dirty install.

I figure next FW update, I'll do a complete fresh install of everything.

Sadly this may be the only option, so immediately after a reset to factory default (i.e. preferably without other scripts), try the original non-bridge method to recreate the VLAN to see if it is indeed v384.7_2.

 

[58chev]

Sadly this may be the only option, so immediately after a reset to factory default (i.e. preferably without other scripts), try the original non-bridge method to recreate the VLAN to see if it is indeed v384.7_2.

@Martineau
Finally had a chance to start from scratch. I don't think it was anything to do with Merlin or your script. VLAN 20 on my switch worked fine but my AP would not hand off an IP address to a client. One little change on my AP and all is fine.
VLAN 20 working as it should, non-bridge mode.
I now have a couple of wired ports that "Guests" can use, and my Cisco AP in Autonomous mode dishing out "Guest WiFi" to family and friends.

ThanX again for all your help and creating a great script.

One question.
Now that it's working can I remove the autodnsmasq option from the execution line?
Since the vlan/ip/dhcp/dns entries have been inserted into dnsmasq.conf

 

[Martineau]

@Martineau
Finally had a chance to start from scratch. I don't think it was anything to do with Merlin or your script. VLAN 20 on my switch worked fine but my AP would not hand off an IP address to a client. One little change on my AP and all is fine.
VLAN 20 working as it should, non-bridge mode.

Classic PEBKAC? but I'm extremely grateful for the feedback,..although it was definitely a bit puzzling as to why the script apparently suddenly stopped working
NOTE: At least it proves that the script can work in both modes (bridge vs. non-bridge) on the latest firmware.

Now that it's working can I remove the autodnsmasq option from the execution line?

Yes.

The directives created by the script in/jffs/configs/dnsmasq.conf.add can always be manually tweaked to suit personal preferences, but the 'autodnsmasq' option will be ignored if appropriate directives are found ACTIVE in /etc/dnsmasq.conf, however, always including the directive acts as a failsafe should the expected directives go AWOL.

 

[UG543]

@Martineau
Can I also get a copy of your vlan script
thanks

 

[Martineau]

@Martineau
Can I also get a copy of your vlan script

Which router?....not all models are supported.

 

[UG543]

Which router?....not all models are supported.

AC86U

 

[Martineau]

AC86U

The script uses the 3rd-party developed 'robocfg' utility which is not present on the RT-AC86U so unfortunately the script is incompatible

see RT-AC86U can't robocfg vlan's

I did get some initial feed back about the ethctl utility etc. from one of the first users to purchase the RT-AC86U...but it lacked sufficient technical detail.

When I tried GitHub /Google searches, there was still very little info available, so not having a physical unit to test, I gave up attempting to adapt the script.

 

[stiffbeta]

I'm not sure what issues you faced with the various other scripts/commands posted on the forum, but if have the time and want to beta-test my script I can send you a link?

Hi,
I am wondering if I can get your script as well? I have been trying to get vlans working for a few years now and not be able to succeed.
Thanks,

 

[Tobias]

Hi Martineau,
I am checking every day to see if you have published your scripts yet (of there would be any sign you would ever do). I would be really happy to try yourscripts for my AC68U.

 

[bmb]

@Martineau

I have an AC87U and if its supported would like to try your script. I have a managed switch and looking to create one VLAN on port 2, just ethernet, no VPN or WLAN, WiFi is turned off on this router.

 

[Martineau]

I have an AC87U and if its supported would like to try your script. I have a managed switch and looking to create one VLAN on port 2, just ethernet, no VPN or WLAN, WiFi is turned off on this router.

Many many months ago I did get a query from an RT-AC87U user so I (blindly) created a custom beta script but I never got any response from the OP to confirm if it worked/FAILED.

You can obviously give the script a beta test on your RT-AC87U (worst case scenario is that it crashes your router )

 

[bmb]

Many many months ago I did get a query from an RT-AC87U user so I (blindly) created a custom beta script but I never got any response from the OP to confirm if it worked/FAILED.

You can obviously give the script a beta test on your RT-AC87U (worst case scenario is that it crashes your router )

Thank you, I'll try it and let you know.

I'd put my 87U into mothballs, but wanting to use it as a test bed/backup. WAN will be via USB, now that I've got an unlimited 4G DATA plan I'm thinking of ditching my fixed line broadband if it proves to be reliable.

 

[bmb]

I'm probably making a fundamental mistake, so to let you know what I did. I downloaded the script, renamed it vlanswitch.sh and placed it into /jffs/scripts. Rebooted.

Then:

admins@RT-AC87U-6798:/jffs/scripts# l
-rwxr-xr-x    1 admins   root            73 Nov 28 13:42 dnsmasq.postconf*
-rwxr-xr-x    1 admins   root           127 Nov 28 18:04 post-mount*
-rwxr-xr-x    1 admins   root           706 Nov 28 17:54 post-mount.div*
-rwxr-xr-x    1 admins   root            63 Nov 28 13:42 services-stop*
-rw-r--r--    1 admins   root         54307 Nov 29 14:03 vlanswitch.sh

Followed by:

admins@RT-AC87U-6798:/jffs/scripts# sh vlanswitch.sh 20
: not foundsh: line 42:
: not foundsh: line 43:
: not foundsh: line 54:
: not foundsh: line 63:
: not foundsh: line 64:
: 5736 20ch.sh)

: not foundsh: line 67: }
: not foundsh: line 70: }
: No such file or directory
: not foundsh: line 75: }
: not foundsh: line 81: }
: not foundsh: line 87:
vlanswitch.sh: local: line 88: not in a function
: not foundsh: line 89:
vlanswitch.sh: shift: line 92: Illegal number: 2
admins@RT-AC87U-6798:/jffs/scripts#

Then:

admins@RT-AC87U-6798:/jffs/scripts# sh vlanswitch.sh help
: not foundsh: line 42:
: not foundsh: line 43:
: not foundsh: line 54:
: not foundsh: line 63:
: not foundsh: line 64:
: 5604 help.sh)

: not foundsh: line 67: }
: not foundsh: line 70: }
: No such file or directory
: not foundsh: line 75: }
: not foundsh: line 81: }
: not foundsh: line 87:
vlanswitch.sh: local: line 88: not in a function
: not foundsh: line 89:
vlanswitch.sh: shift: line 92: Illegal number: 2
admins@RT-AC87U-6798:/jffs/scripts#

admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh -h
-sh: ./vlanswitch.sh: Permission denied

So apologies if I've started off wrong, I've read through the thread but probably missing the right way to get the script running.

 

[ColinTaylor]

@bmb Try this to fix your file then run it again.

chmod 755 vlanswitch.sh
dos2unix vlanswitch.sh

 

[bmb]

@bmb Try this to fix your file then run it again.

chmod 755 vlanswitch.sh
dos2unix vlanswitch.sh

Thank you, script is now running.

admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20

        (vlanswitch.sh): 26430 ***ERROR VLAN (vlan20) via Switch Port 5 not defined in '/etc/              dnsmasq.conf' - (use 'autodnsmasq' directive)

So went ahead with:

admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 autodnsmasq

(vlanswitch.sh): 31109 v1.24 non-Public Beta © 2016-2018 Martineau. VLAN configuration utility.


Invalid ports '7*t17*t 7*t27*t 7*t37*t 7*t57*t 7*t87*tt7*t'.
Invalid ports '7*t 8t'.

        (vlanswitch.sh): 31109 VLAN 'vlan20' alias 'None20' (192.168.20.0/24) via Switch Port 5 created for downstream VLAN switch(s)


admins@RT-AC87U-6798:/jffs/scripts#

Followed by

admins@RT-AC87U-6798:/tmp/home/root# cd /jffs/scripts/
admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh status verbose

        ***ERROR Cannot display status; VLAN 200 (or Bridge br200) not found

admins@RT-AC87U-6798:/jffs/scripts#

This is where I left to let you have a look and see what is happening.

EDIT:

After reading the help file again Iwent ahead with:

admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 2 autodnsmasq

(vlanswitch.sh): 6142 v1.24 non-Public Beta © 2016-2018 Martineau. VLAN configur      ation utility.



        (vlanswitch.sh): 6142 VLAN 'vlan20' alias 'None20' (192.168.20.0/24) via       Switch Port 2 created for downstream VLAN switch(s)

Haven't had a chance to move my VLAN20 devices over to the RT87U, but looks like it should be OK.

 

[Martineau]

admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 2 autodnsmasq

(vlanswitch.sh): 6142 v1.24 non-Public Beta © 2016-2018 Martineau. VLAN configur      ation utility.



        (vlanswitch.sh): 6142 VLAN 'vlan20' alias 'None20' (192.168.20.0/24) via       Switch Port 2 created for downstream VLAN switch(s)

Haven't had a chance to move my VLAN20 devices over to the RT87U, but looks like it should be OK.

Glad to see that someone can appreciate the time taken to provide the 'help'

Could you please issue (and redact the output e.g. MAC etc.)

./vlanswitch.sh 20 status verbose

and to test you will need to configure VLAN20 on your down-stream VLAN capable switch then attach a device to the appropriate port on the down-stream switch and re-issue the 'status' command.

 

[bmb]

Glad too see that someone can appreciate the time taken to provide the 'help' [/QUOTE

Thank you, I do try to problem solve using the supplied help. Yours is indeed very comprehensive and covered the errors I saw

Could you please issue (and redact the output e.g. MAC etc.)

./vlanswitch.sh 20 status verbose

and to test you will need to configure VLAN20 on your down-stream VLAN capable switch then attach a device to the appropriate port on the down-stream switch and re-issue the 'status' command.

I will do, though I'll have to wait until I can temporarily move them over from the ER4, others in the house are connected and don't want to interrupt them. I'll get back with this.