AsusWRT - Vlan Trunking

[Percius]

I have a asus RT-AC68U Router.

I am trying to have Port 4 be a VLAN trunk with Vlan 1 (Standard) and Vlan 15.

In DDWRT I can do this by.
1. Going to Vlan and enabling "Tagged" on port 4, and checking Vlan 1 and Vlan 15.
2. Going to Networking and creating br1 with a static IP on vlan 15.
3. Assigning Vlan15 interface to the br1 bridge.
- Now I can ping between the Router console and a remote switch.
Unfortunately DD-WRT has some issues with Wifi. I have to reboot the system anytime I want to change the wifi settings. That includes changing the setting that was the whole reason for doing this... Getting wl0.1 onto vlan 15 so that the guest network is truely isolated from my network.


I have been all over the net trying to figure out how to get asuswrt to work with trunking on port 4. I am hoping someone can help. I suspect the settings I had before were close but not sure what I missed.

ip link add link eth0 name eth0.15 type vlan id 15
ip -d link show eth0.15
ip addr add 192.168.85.2/24 brd 192.168.85.255 dev eth0.15
ip link set dev eth0.15 up​

 

[Igor Macaubas]

I have a asus RT-AC68U Router.

I am trying to have Port 4 be a VLAN trunk with Vlan 1 (Standard) and Vlan 15.

In DDWRT I can do this by.
1. Going to Vlan and enabling "Tagged" on port 4, and checking Vlan 1 and Vlan 15.
2. Going to Networking and creating br1 with a static IP on vlan 15.
3. Assigning Vlan15 interface to the br1 bridge.
- Now I can ping between the Router console and a remote switch.
Unfortunately DD-WRT has some issues with Wifi. I have to reboot the system anytime I want to change the wifi settings. That includes changing the setting that was the whole reason for doing this... Getting wl0.1 onto vlan 15 so that the guest network is truely isolated from my network.


I have been all over the net trying to figure out how to get asuswrt to work with trunking on port 4. I am hoping someone can help. I suspect the settings I had before were close but not sure what I missed.

ip link add link eth0 name eth0.15 type vlan id 15
ip -d link show eth0.15
ip addr add 192.168.85.2/24 brd 192.168.85.255 dev eth0.15
ip link set dev eth0.15 up​

Did you ever got this setup to work? I have a very similar problem, I need my IPTV VLAN to talk to my internal network ... no success so far.

 

[ASAT]

I'm no expert on VLANs. However, I got this configuration working with a managed 24x port switch that is trunked off of port#4 on the Asus RT-AC68U router. Please say if there is a better way.

Port#4 on the router handles traffic for both VLAN1 and VLAN14 on the switch.

Port#1 on the switch is the uplink to the Asus router.
Port#2-12 on the switch are VLAN1. These are full access ports on my LAN.
Port#13-24 on the switch are VLAN14. These are protected guest ports on my LAN. Internet only. Computers cannot see each other.

I won't go into configuration of the 24x port managed switch. However, here's my Asus RT-AC68U router firewall script:

/jffs/scripts/firewall-start

# Ethernet port#4 is a trunk port for a managed switch that handles traffic for both VLAN1 and VLAN14 on the switch
robocfg show | grep -i vlan14 > /dev/null 2>&1
if [ $? -ne 0 ]; then
  robocfg vlan 1 ports "1 2 3 4t 5t"
  robocfg vlan 14 ports "4t 5t"
  vconfig add eth0 14
  ifconfig vlan14 up
  brctl addif br0 vlan14
  ebtables -t broute -I BROUTING -p IPv4 -i vlan14 --ip-dst ${NETWORK}.0/24 --ip-proto tcp -j DROP
  ebtables -t filter -I FORWARD -i vlan14 -o ! eth0 -j DROP
  ebtables -t filter -I FORWARD -i ! eth0 -o vlan14 -j DROP
fi

 

[Shrmn]

Sorry to hijack this thread but I have a similar issue.

I have a TP-Link Easy Smart Switch that somehow does not allow me to set a PRIO number on the VLAN (at least not from what I can find on the manuals/windows utility)

My issue is that I need VLAN 20 PRIO 4 for my IPTV to work (this works when I set Singtel-Others on my AC-87U and connect the IPTV to Port 4).

However, I'm running short on ports and only have 1x Cat 6 wire going to TV bench (where the IPTV, PS3, Media Receiver, etc. are.). I bought the TP-Link Easy Smart Switch (TL-SG108E) in hopes of allowing that 1 wire to connect all those devices while also providing connectivity to the IPTV.

Internet runs on VLAN 10 PRIO 0.

Is there any way to have the Asus AC-87U send both Internet and IPTV to the smart switch?