![]() On setting up the switch to tag the port that the pfSense interface was connected to, into VLANs 1 and 4, the router worked as expected. VLAN1 was assigned to the existing LAN interface, in place of sk1, and I added another interface called “GuestNet” and assigned VLAN4 to this. This created 2 new “Network ports” under Interfaces -> (assign) -> Interface assignments called “VLAN1 on sk1” and “VLAN4 on sk1”. ![]() These were tagged 1 (primary LAN VLAN ID) and 4 (guest LAN VLAN ID). On pfSense, under Interfaces -> (assign) -> VLANs, I created 2 VLANs on the interface that is the LAN. Any of the devices listed here that support 802.1Q VLAN tagging should be fine. I ended up, after days of faffing, buying some Linksys E1000 and flashing them with DD-WRT myself. This is because only Broadcom based hardware supports hardware VLAN tagging on DD-WRT and the DD-WRT software VLAN tagging just plain doesn’t work – even on Broadcom based hardware. ![]() To cut a long story short, the D-Link DIR-615 didn’t work out. The guest wifi had to be separate from the main wifi in such that the main network was secure from intrusion, guests should be sent to the company website when they log in and we didn’t want to have to double up the access points or run more structured cabling to connect them. It was required to have a second wifi network for guests of the office to get online. The usecase is thus… We have an established wifi network comprising of D-Link DIR-615 access points flashed with DD-WRT, a router running pfSense and a managed Gigabit switch supporting 802.1Q VLAN tagging. Here’s the result of many days of faffing about attempting to get this working. ![]() This seems quite a common thing to do yet it’s proved to be a huge ball-ache with DD-WRT. Preface: For explanation of VLAN tagging, see this post. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |