vgramatski
New Around Here
Hello everyone!
First, allow me to apologize if this is not the correct section - I wasn't sure whether to post this here on in the VLAN section.
Onto my issue. I have an ASUS AC-58U running a modded firmware (a Russian one based on stock) that allows boot scripts that allowed me to setup custom firewall rules that survive a reboot; it does have the swconfig command line tool. I also have two 802.1Q VLAN capable switches - TP-Link SG-105E and SG-108E, behind which a number of devices are connected.
I have a Rapberry Pi that is running HomeAssistant to centrally control my Sonoff switches. I want to separate this into its own IoT VLAN with the router's Guest WiFi as the access point for the IoT devices. These should be able to connect only to the Raspberry Pi but no other devices on the network. I understand that when I turn on the Guest WiFi, depending whether or not I've allowed it to see the LAN, the router will bridge the guest wireless interface with either only the WAN port or the LAN port interfaces.
Can I bridge the Guest WiFi to the LAN switch, tagging one the wireless interface and one of the switch ports with VLAN20 (Iot) and VLAN10 (LAN) - then on my switch where the Raspberry Pi is, tag the port with VLAN20. L3 routing and access will be done by the ASUS router itself. Attached is a crude chart of what I want to do:
All my attempts to use swconfig to actually map VLAN tags on the switch ports have failed; is it possible to do this on stock firmware? If yes, how can I actually do it via the router's command line?
First, allow me to apologize if this is not the correct section - I wasn't sure whether to post this here on in the VLAN section.
Onto my issue. I have an ASUS AC-58U running a modded firmware (a Russian one based on stock) that allows boot scripts that allowed me to setup custom firewall rules that survive a reboot; it does have the swconfig command line tool. I also have two 802.1Q VLAN capable switches - TP-Link SG-105E and SG-108E, behind which a number of devices are connected.
I have a Rapberry Pi that is running HomeAssistant to centrally control my Sonoff switches. I want to separate this into its own IoT VLAN with the router's Guest WiFi as the access point for the IoT devices. These should be able to connect only to the Raspberry Pi but no other devices on the network. I understand that when I turn on the Guest WiFi, depending whether or not I've allowed it to see the LAN, the router will bridge the guest wireless interface with either only the WAN port or the LAN port interfaces.
Can I bridge the Guest WiFi to the LAN switch, tagging one the wireless interface and one of the switch ports with VLAN20 (Iot) and VLAN10 (LAN) - then on my switch where the Raspberry Pi is, tag the port with VLAN20. L3 routing and access will be done by the ASUS router itself. Attached is a crude chart of what I want to do:
All my attempts to use swconfig to actually map VLAN tags on the switch ports have failed; is it possible to do this on stock firmware? If yes, how can I actually do it via the router's command line?
. I have a stock firmware with an installation an opkg and tcpdump on usb flash drive.
