Pablo
Occasional Visitor
Hi, I've been fighting with this for a couple of days.
I have a pfSense router with a VLAN4 defined on the LAN interface tagged with id "4". That port is connected to port 1 on the router. My goal is to have a wlan on vlan4.
This is how I have configured it:
Code:
robocfg vlan 4 ports "1t 8t"
vconfig add eth0 4
ifconfig vlan4 up
brctl addbr br1
brctl delif br0 wl0.1
brctl delif br0 wl1.1
brctl addif br1 vlan4
brctl addif br1 wl0.1
brctl addif br1 wl1.1
ifconfig br1 up
nvram set lan_ifnames="vlan1 eth1 eth2"
nvram set lan_ifname="br0"
nvram set lan1_ifnames="vlan4 wl0.1 wl1.1"
nvram set lan1_ifname="br1"
nvram commit
killall eapd
eapd
Port 1 is tagged because it is also used on VLAN3 (another VLAN defined in pfSense and on the physical LAN interface).
This is the output of "robocfg show"
Code:
Switch: enabled
Port 0: DOWN enabled stp: none vlan: 2 jumbo: off mac: 00:00:00:00:00:00
Port 1: 100FD enabled stp: none vlan: 1 jumbo: off mac: 52:54:00:0a:74:e6
Port 2: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 3: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 4: 1000FD enabled stp: none vlan: 1 jumbo: off mac: a0:f3:c1:f8:6f:b0
Port 8: 1000FD enabled stp: none vlan: 1 jumbo: off mac: 78:0c:b8:37:58:61
VLANs: BCM5301x enabled mac_check mac_hash
1: vlan1: 1 2 3 4 8t
2: vlan2: 0 8t
3: vlan3: 1t 4t 8t
4: vlan4: 1t 8t
1045: vlan1045: 0t 3 4t 8u
1046: vlan1046: 0 1 2 3 4 5 7t
1047: vlan1047: 0t 2t 4 5t 7
1099: vlan1099: 0t 4 5t 7t
1100: vlan1100: 2 3 7 8t
1101: vlan1101: 0t 1 3t 7
1102: vlan1102: 0 1 2t 3t 5 7t
1103: vlan1103: 0 1 8t
And this is the output from "brctl show"
Code:
bridge name     bridge id               STP enabled     interfaces
br0             8000.c40415238d25       yes             vlan1
                                                        eth1
                                                        eth2
br1             8000.022215a50305       no              vlan4
                                                        wl0.1
                                                        wl1.1
With this setup, when I try to connect from a wifi device to the guest SSID (defined on the XWRT gui), I get stuck at the point when it's trying to get the IP address. So, I can pass the authentication point successfully (tried both open and wpa2 with same results) and it just keeps saying that the AP has no internet access.
pfSense shows that it has assigned the IP to the device, in this case a mobile phone, but the phone does not show the assigned IP, it just shows "some IP" totally different from the one it must be assigned by the DHCP pool on the pfSense box.
On the pfSense box I have VLAN3 working with a DHCP for VLAN3 and also VLAN4 defined the same as VLAN3 (just with different ID tag) and also a DHCP defined for VLAN4 with different IP address ranges (VLAN3 192.168.3.0 and VLAN4 192.168.4.0).
I also have flushed both iptables and ebtables rules so nothing can block the traffic, but it still doesn't work.
Code:
admin@Nighthawk:/jffs/scripts# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain logaccept (0 references)
target prot opt source destination
Chain logdrop (0 references)
target prot opt source destination
admin@Nighthawk:/jffs/scripts#
admin@Nighthawk:/jffs/scripts# ebtables -L
Bridge table: filter
Bridge chain: INPUT, entries: 0, policy: ACCEPT
Bridge chain: FORWARD, entries: 0, policy: ACCEPT
Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
admin@Nighthawk:/jffs/scripts#
Anyone willing to troubleshoot this to help me?
Thanks,
Pablo
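An added example, not part of Pablo's post and not a diagnosis of the problem: a shell/awk check that reads "robocfg show" output and reports whether the guest VLAN is carried tagged on only the expected trunk and CPU ports, and which other VLAN entries use the trunk port untagged. The function name audit_vlan and its three arguments are assumptions of this example; the sample is the VLAN table copied from the output above.

```shell
#!/bin/sh
# Constructed sample: the VLAN table from the "robocfg show" output in the post.
SAMPLE='VLANs: BCM5301x enabled mac_check mac_hash
1: vlan1: 1 2 3 4 8t
2: vlan2: 0 8t
3: vlan3: 1t 4t 8t
4: vlan4: 1t 8t
1045: vlan1045: 0t 3 4t 8u
1046: vlan1046: 0 1 2 3 4 5 7t
1047: vlan1047: 0t 2t 4 5t 7
1099: vlan1099: 0t 4 5t 7t
1100: vlan1100: 2 3 7 8t
1101: vlan1101: 0t 1 3t 7
1102: vlan1102: 0 1 2t 3t 5 7t
1103: vlan1103: 0 1 8t'

# audit_vlan VID TRUNK_PORT CPU_PORT   (hypothetical helper; reads robocfg text on stdin)
# Prints one finding per line; prints nothing when there is nothing to report.
audit_vlan() {
    awk -v vid="$1" -v trunk="$2" -v cpu="$3" '
    # VLAN rows look like "4: vlan4: 1t 8t"; a trailing t marks a tagged member.
    $1 ~ /^[0-9]+:$/ && $2 ~ /^vlan[0-9]+:$/ {
        id = $1; sub(/:$/, "", id)
        for (i = 3; i <= NF; i++) {
            port = $i; sub(/[tu]$/, "", port)
            tagged = ($i ~ /t$/)
            if (id == vid) {
                seen[port] = 1
                if (!tagged) print "vlan" vid ": port " port " is untagged"
                if (port != trunk && port != cpu)
                    print "vlan" vid ": unexpected member port " port
            } else if (!tagged && port == trunk) {
                print "trunk port " trunk " is also untagged in vlan" id
            }
        }
    }
    END {
        if (!(trunk in seen)) print "vlan" vid ": trunk port " trunk " missing"
        if (!(cpu in seen)) print "vlan" vid ": CPU port " cpu " missing"
    }'
}

printf '%s\n' "$SAMPLE" | audit_vlan 4 1 8
```

On the router itself the same function can be fed live data with: robocfg show | audit_vlan 4 1 8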