Тёмный

VLANs from pfSense / OPNSense to DD-WRT Virtual Wireless Access Points for Home or Business 

Awesome Open Source
Подписаться 137 тыс.
Просмотров 14 тыс.
50% 1
ВидеоПоделитьсяСкачатьДобавить в

=== Links ===
Show Notes
wiki.opensourceisawesome.com/...
Setup pfSense with DD-WRT VLANs in DD-WRT Forums
superuser.com/questions/12128...
VAP Startup Commands for DD-WRT
forum.dd-wrt.com/phpBB2/viewt...
Previous Videos:
Setting up VLANs in pfSense / OPNSense
• Building a Business - ...
Setting up DD-WRT as a "Dumb" AP
• Setup the DD-WRT Open ...
Get the AwesomeOpenSource Merchandise
awesomeopensource.creator-spr...
Support my Channel and ongoing efforts through Patreon:
www.patreon.com/bePatron?u=23417
Buy Me a Coffee or Beer
paypal.me/BrianMcGonagill?cou...
=== Timestamps ===
00:00 Beginning
00:09 Introduction to DD-WRT and pfSense for VLANs
02:00 Thank you to my Patrons at Patreon, and my subscribers on RU-vid
02:40 A Quick Review of VLANs in pfSense
09:04 Setting up DD-WRT for VLANs
11:55 Setting up our Virtual Wireless Access Points
14:40 Assign the Virtual Wireless APs to VLANs
20:20 Possibly Need some Startup Commands
=== Contact ===
Twitter: @mickintx
Telegram: @MickInTx
Mastodon: mastodon.partecipa.digital/ @MickInTX
Try out SSDNodes VPS Services! Amazing Specs for incredibly low costs. I'm running a 32 GB RAM / $ CPU Server for only $9 a month! Seriously. FOr long term server usage, this is the way to go!
www.ssdnodes.com/manage/aff.p...
Get a $50.00 credit for Digital Ocean by signing up with this link:
m.do.co/c/a6a61ae55242
Use Hover as your Domain Name Registrar to get some great control over you domains / sub-domains:
hover.com/SHPaiirr
Support my Channel and ongoing efforts through Patreon:
www.patreon.com/bePatron?u=23...
What does the money go to?
To Pay for Digital Ocean droplets, donations to open source projects I feature, any hardware I may need to purchase for future episodes (which I will then give to a subscriber in a drawing or contest).
=== Attributions ===
Intro and Outro music provided by www.bensound.com

Наука

Опубликовано:

 

3 июл 2024

Поделиться:

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист
Посмотреть позже
Комментарии : 88   
@danieldewindt3919
@danieldewindt3919 4 месяца назад
Grate video. It was fooling around in a black box before i saw your video. Thanx
@AwesomeOpenSource
@AwesomeOpenSource 4 месяца назад
Thanks! Glad it was helpful.
@paldo771
@paldo771 Месяц назад
This is awesome. Been looking all over how to do this so that i can use the switch and wireless functions. Leaving openwrt to do the routing..
@AwesomeOpenSource
@AwesomeOpenSource Месяц назад
OpenWRT can do this as well. I have videos on it too.
@joecook4451
@joecook4451 2 месяца назад
fantastic!!! this video is exactly what i wanted to do. and now i understand vlan setup much better. and mostly how to get opnsense and the dd-wrt to work together with vlans. and bonus you showed the fw rules. thanks so much !
@AwesomeOpenSource
@AwesomeOpenSource 2 месяца назад
Super glad it was helpful.
@prahe86
@prahe86 Год назад
Great video. I wish all of my instructors in school had your presentation skills
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Wow, thank you!
@marcone7948
@marcone7948 4 месяца назад
Looking forward to using this great information as i'm about to deploy the exact same setup. Thank you for sharing!
@AwesomeOpenSource
@AwesomeOpenSource 3 месяца назад
Very welcome! Hope it's helpful!
@Lovesickdangerboy
@Lovesickdangerboy Год назад
You’re absolutely crushing the game!! I love watching your videos and learn so much every time
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Thank you so much!
@JasonsLabVideos
@JasonsLabVideos Год назад
Good clean and easy to understand video ! Thanks for this !
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Glad it was helpful!
@sulaimangari2745
@sulaimangari2745 Год назад
Hello Brian, just want to say thank you for your contents. Your videos and notes helped a lot with my project. May God bless you.
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Glad to help
@Glatze603
@Glatze603 Год назад
Hi Brian, good stuff, well explained! For kids and IoT I defined outgoing rules, too. Normaly http and https (tcp only > https/udp is quic, what I do not want) should be enough. DNS and NTP should only be allowed to the firewall, that´s it 🙂. In my OPNsense I defined that only known hosts are allowed to get dhcp addresses for all networks/interfaces/vlan ´s except guests (guests can do what they want, because they only are allowed to access wan), so you forbit devices to get ip addresses in those networks. On the other side I defined device-groups that are allowed to access networks. When someone strange (for example an electrician) is in my house, he is not able to access any service in any of my networks except guests! For this to function you have to define all devices as reserved with ip and mac address and as aliases - that´s a little bit work, but with that you can create static firewall-rules for every device and/or every case (one specific client needs wireguard, another should be able to use tor). Such networking things are hard stuff. Thanks for your video 🙂
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Very awesome!
@cdoublejj
@cdoublejj Год назад
nice topic, look forward to watching to see if pick up any new info
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Let me know if you do, and definitely let me know if you see me doing something I shouldn't, or could do more easily.
@KenPryor
@KenPryor Год назад
Excellent explanation.. This looks like a great project to try.
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Thank you! Cheers!
@alldjp
@alldjp 3 месяца назад
Thank you for this tutorial! I was finally able to get my virtual APs and vlans working on an old Archer C9v1 (which is also broadcom based). I'm not sure if it's the startup command that worked for me, or the section about setting bridge addresses in your show notes. For my setup, I did have to keep vlan 1 enabled to get internet to work at all. It might be because of the managed switch I have between dd-wrt and opnsense. Anyway, thanks again!
@AwesomeOpenSource
@AwesomeOpenSource 2 месяца назад
Glad it helped!
@jwspock1690
@jwspock1690 Год назад
Good stuff! Tnx....
@AwesomeOpenSource
@AwesomeOpenSource Год назад
my pleasure.
@Tntdruid
@Tntdruid Год назад
Super easy to do whit UniFi and OpnSense 😀
@AwesomeOpenSource
@AwesomeOpenSource Год назад
I'm sure it was easier, but for me it was the success of making work that really feels great!
@hakovatube
@hakovatube Год назад
Excellent guidance. I wonder if I can create virtual SSIDs on non-DDWRT routers; probably not. By the way there is a typo in your list of commands to the router to be executed after boot: you typed eht0 instead of eth0 to put that interface down after boot. It didn't seem to affect anything though :).
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Not sure about non-DD-WRT routers, but OpenWRT should also be able to do this, thought diffeerent setup for sure. Thanks for the tip on the typo, I'll get it corrected.
@iGarrettt
@iGarrettt Год назад
Mikrotik makes some very affordable devices, the hap lite is a $25 router/switch that has all the same software features the $3000 rack mount devices have, so for learning purposes they're amazing. They also offer hap ac2 which is an $80 dual band router style device
@xan646
@xan646 11 месяцев назад
Hi Brian. Thanks for the great explanation! I have a few questions for you. 1. What is the hardware behind the DD-WRT? 2. Do you have any resource saturation on the router that is running DD-WRT? 3. After all these months how well does it work? 4. Do you recommend using VLANs on a home router with DD-WRT? Thank you!
@AwesomeOpenSource
@AwesomeOpenSource 11 месяцев назад
On this video I was using Asus RT AC56U devices for DD-WRT. So far not had any resource saturation issues. I just did a new video on setting up my network with VLANs usign OpenWRT, so might be worth a look as well if you're interested.
@xan646
@xan646 11 месяцев назад
@@AwesomeOpenSource Hi! Thanks for answering. I will look for that video. I still can't decide wich one would be better. I have a TP-LINK Archer C7 v5. Do you prefer OpenWRT over DD WRT?
@4thbx
@4thbx Год назад
This youtube video covers exactly what I've been trying to do at my home. Seems my issue was using vlans larger than 15! DD-WRT AP would just lock up and need a full reset every time. You mentioned a way to mitigate this in the video but I don't think an explanation made it into the final vid. What exactly is going on with vlans > 15?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Had the same issue, thus it took me forever to get this all worked out. Glad it's helpful.
@4thbx
@4thbx Год назад
@@AwesomeOpenSource I just updated to the 1/25/23 build of dd-wrt for my old ASUS RT-N66U (which is broadcom) and it all just worked. Configured everything with the gui and had > 15 vlans.
@AwesomeOpenSource
@AwesomeOpenSource Год назад
That is awesome!
@chhil
@chhil 10 месяцев назад
This is extremely helpful. Thank you. I am in my designing phase and new to all of this. I would like to know what additional things if any need to be considered to VPN into a corporate VPN (company uses Cisco Anyconnect client).
@AwesomeOpenSource
@AwesomeOpenSource 10 месяцев назад
You shouldn't need anything special for it, but it would be good to ask your corporate IT if they have any special requirements.
@chhil
@chhil 10 месяцев назад
Thank you. I was concerned about the different IP address the VPN connection would have.
@ravenseyeimages
@ravenseyeimages Год назад
good video - I plan on watching your others on pfsense, but if I may ask, is there any advantage to using pfsense vlans over the ones in dd-wrt itself? I recently got fibre connected, and was debating replacing the ISP router with my dd-wrt flashed linksys, then I started reading up on pfsense appliances and am thinking about that. However I am wondering if this is overkill. I would like to put my IOT devices on a separate vlan as well as have guest wireless. I have a newer linksys dd-wrt router that I am just using as a switch/AP off the ISP router for now, as well as an older Buffalo dd-wrt router that I use as a wireless bridge. Also have an Apple airport and another ISP supplied access point, the latter having wifi 6 and gives me my best speeds (on my iPhone 13) All have their own SSD, but I would like to set up some sort of mesh network to increase coverage, preferably without having to purchase an off the shelf mesh system
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Not really. I just use pfSense as my main firewall and router, so I wanted to start there.
@cwxuser5557
@cwxuser5557 Год назад
Great videos Brian ! is there a chance to get another one with nginx proxy manager + unifi controller in separate vm...., having huge problem to get it work and forward all required ports to work :(.
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Let me see what I can do. I don't use Unifi, but I know the controller is freely available, so I might be able to get as far as getting the pass through proxy access to the web ui.
@ComputerworxVideo
@ComputerworxVideo Год назад
@@AwesomeOpenSource Hi any news on Unify Controller and Nginx Proxy Manager ? were you able to get it to work ? I really could use it. thx
@ziggypuppyproductions7453
@ziggypuppyproductions7453 7 месяцев назад
@AwesomeOpenSource I have a question about how to get 1 NIC out of my OPNSense box to handle 1 VLAN and a LAN. I don't have a second NIC card to drop in the OPNSense box.
@AwesomeOpenSource
@AwesomeOpenSource 7 месяцев назад
You want the single NIC to do both LAN and VLAN right? I presume the other NIC will be your WAN connection. But the single NIC is pretty much what I show in the setup (though it's on pfSense). When you create the VLAN connection, you go back to the Interfaces and add it as an interface, and in the process you select which physical interface you want the VLAN to use. In this case, you would select the same physical interface as your LAN.
@Plav-uf6kt
@Plav-uf6kt Год назад
Thank you Brian, i can connect to the vap wl0.1 and wl1.1 i created on a EA6900, get an address in the range i specified on opnsense an access only the internet. When i connect back to wl0 and wl1 i don't get an address anymore though. I don't understand why it's not passed to the trunk even if i select vlan1 and 2 on the switch port i use for wl0.1 and wl1.1. Can you explain what is happening? Do wl0 and wl1 becomes irrelevant and i have to create a vap for wide open access to the lan as it was before? Thanks for you help.
@AwesomeOpenSource
@AwesomeOpenSource Год назад
I see the same behavior. Not sure why that doesn't pick up the "main LAN" once you move the input to the trunk port we create. Sorry it's causing you issues. My work around was to disable SSID broadcast of the main LAN networks, and just add another VLAN, then set it like I had my main LAN SSIDs. Wonky, but it worked.
@jashmaniar
@jashmaniar Год назад
Hey Brian thanks for the explanation I just wanted to ask which Linux distro are you using?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Currently using Kubuntu 22.04. Really great, stable, lightweight, and smooth.
@jashmaniar
@jashmaniar Год назад
Thanks for the reply
@cdoublejj
@cdoublejj Год назад
hey can you figure out how to get lancache in a hyper-v vm working with dd-wrt and home-assistant ?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
I don't use Hyper-v so not sure if that would impact the setup.
@jameswadsley3165
@jameswadsley3165 2 месяца назад
This seems to leave a lot out. Every time I activate the new BR1, I can no longer connect to the WAP via Wifi or hardlined. My router Netgear R6250 does not show which cables are plugged in to which port so this is extremely confusing to me
@AwesomeOpenSource
@AwesomeOpenSource 2 месяца назад
I didn't leave anything out, but what you are likely running into is how the differing hardware can behave with the firmware of DD-WRT. I had some APs that also would just freeze up when I would enable the bridge. So it may be the chipset, or you may need to get more up to date firmware (like a dev build).
@jameswadsley3165
@jameswadsley3165 2 месяца назад
@@AwesomeOpenSource I just think my router isn't capable of VLANs, when I add the vlan three, four, etc I do not see them in the Networking tab to add as bridges I'm on the latest dev build for my router...
@ebaylabels9599
@ebaylabels9599 10 месяцев назад
Is there anyway to use client mode to connect to multiple aps? And split it up using multiple ssid
@AwesomeOpenSource
@AwesomeOpenSource 10 месяцев назад
Not that I know of, but you might have better luck on the DD-WRT forums with that question. Those guys can tell you for sure. They are awesome!
@deven5498
@deven5498 10 месяцев назад
@AwesomeOpenSource do you have only one Ethernet cable plugged into the AP? and if so is it on the VLAN port?
@AwesomeOpenSource
@AwesomeOpenSource 10 месяцев назад
So, in that setup. I ran a trunk cable (carrying all the VLANs on one line) to an unmanaged switch, and then routed a cable to each AP (which carried the trunk line to them as well). I was able to then assign certain ports to certain VLANs and assign certain Wireless SSIDs to specific VLANs. I have a similar setup now with OpenWRT router and APs as well.
@deven5498
@deven5498 10 месяцев назад
@@AwesomeOpenSource Thanks so much for the video and quick response. So just one cable to each AP carrying all three vlans?
@AwesomeOpenSource
@AwesomeOpenSource 10 месяцев назад
@@deven5498 yes indeed.
@alejandrocabeza1919
@alejandrocabeza1919 Месяц назад
Hey just ran into your video. If I want to get the hardwire to still work on that same port can I not leave it checked and also tag the vlans on it? I have an OPNsense router connected to LAN1 of a dumb AP atm, and I two other PCs and a NAS connected to the same DD-WRT dumb AP. When I unclicked LAN1(coming from opnsense) I lost internet.
@AwesomeOpenSource
@AwesomeOpenSource Месяц назад
I'm not understanding what you're trying to do. Feel free to jump over to discuss.opensourceisawesome.com and ask in the #help-me-please channel. Maybe we can get to what you need.
@shaung638
@shaung638 Год назад
What does it mean if I don't have the "switch config" tab in ddwrt? It's an old router so I wonder if it isn't supported?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Could be that it's not supported for the chipset, or that it's not an up to date version of DD-WRT.
@RuneOsnes
@RuneOsnes Год назад
Can it be that the way to solve the 15 VLAN problem is to use VLAN Tagging under the Setup-Networking menu? I tried to Add a tag under Tagging and though i didn't understand all the choices something struck me as pertaining to this issue?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
If you can get that to work on your router absolutely, but in my testing, it wouldn't work properly for me.
@marrr7611
@marrr7611 8 месяцев назад
This method does not work. I tried to configure this on two router, one was a tp-link archer c9 and another one was an asus ac68u router running the same code as in the video. I could not get either one to work with this method.
@AwesomeOpenSource
@AwesomeOpenSource 8 месяцев назад
I'm sorry you had a hard time getting your VLANs setup. I can say that occasionally hardware does have a role in how the various options may work. Not knowing which version of DD-WRT you are on, it's hard to say what might be different. Definitely different versions have different results for me.
@user-md3mi3rl7g
@user-md3mi3rl7g 6 месяцев назад
@@AwesomeOpenSource I was on the same version as yourself, but with different hardware. I got frustrated and went with Unify Dream Router in which it is very easy to configure different SSID and with firewall rules.
@user-hm6iw9ou3y
@user-hm6iw9ou3y Год назад
hi,Do you plan topics about http proxy(like squid in pfsense/opmsense),or other opensource webfilter?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
I haven't, but I can for the future. Would you be interested in seeing something like that?
@user-hm6iw9ou3y
@user-hm6iw9ou3y Год назад
@@AwesomeOpenSourceyes, for sure not only for me I can offer a couple of resources,if u'll interested in
@lapastangan04
@lapastangan04 Год назад
Sir, is it possible to change the PVID(native vlan)? If yes, please tell me how. I'm about to flash my R8000 with ddwrt.
@AwesomeOpenSource
@AwesomeOpenSource Год назад
If you go to the networking view, and move all of the checkboxes to a different number, I presume it would then be the new PVLAN, but I haven't tried this.
@lapastangan04
@lapastangan04 Год назад
@@AwesomeOpenSource Thank you
@pd8321
@pd8321 Год назад
SOS, my ISP demande to set a tagged Vlan ID as 40 in order to connect to internet via PPPoE. But I don't know how to config it in DD-WRT, could you PLEASE help me out?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Depending on your hardware, it may depend on whether you can set a tagged VLAN higher than 15 with DD-WRT. but go through the same process to start the VLAN setup, however, you'll need to add the tagged VLAN as (40) on the Networking page. From there setup your bridge, and link it to the ports/VLAN you just created.
@pd8321
@pd8321 Год назад
@@AwesomeOpenSource thanks, the probleme is solved!
@costenalolek973
@costenalolek973 Год назад
The moment I click "Apply Settings" after changing vlans at "Switch Config", my AP becoming dead. Can't access it anymore, I have to connect the cable to a different Lan Port, because the whole network is dead to. Switching off and on again, does nothing. Only solution is factory reset. You said you've been fighting it for a long time, maybe you had a similar experience and you know the solution?
@AwesomeOpenSource
@AwesomeOpenSource Год назад
If you are connected (the incoming line) to the port you are setting up for VLAN you will lose your connection as you haven’t configured everything yet, so use a different port if possible until you have it set up. Then move the line over and test VLAN networks. Without knowing your router model and port setup it’s hard to know for sure.
@costenalolek973
@costenalolek973 Год назад
@@AwesomeOpenSource As I said, even if I change port, nothing's change. Router is unreachable, no LEDs for 2,4 i 5GHz... I can see SSID but cant connect it. ASUS RT-AC87U after, factory reset, set to AP also with Yours tutorial.
@Watheuzz
@Watheuzz Год назад
@@costenalolek973 Same problem here with the same router model!
@zparihar
@zparihar Год назад
Spelling mistake @ 20:51: wlconf eht down;
@AwesomeOpenSource
@AwesomeOpenSource Год назад
Thank you, fixed it in the documentation on my show notes.
Далее
Remotely - An Open Source, Self Hosted, Remote Desktop and Remote Support Tool with Power!
31:12
Remotely - An Open Source, Self Hosted, Remote Desktop and Remote Support Tool with Power!
Просмотров 84 тыс.
Building a Business - Ep 3 - VLAN Setup in pfSense and OPNSense four our segmented network.
30:12
Building a Business - Ep 3 - VLAN Setup in pfSense and OPNSense four our segmented network.
Просмотров 17 тыс.
LOVE LETTER - POPPY PLAYTIME CHAPTER 3 | GH'S ANIMATION
00:15
LOVE LETTER - POPPY PLAYTIME CHAPTER 3 | GH'S ANIMATION
Просмотров 10 млн
Nice hiding.
00:43
Nice hiding.
Просмотров 2 млн
Вадик узнал слишком много о маме
00:23
Вадик узнал слишком много о маме
Просмотров 291 тыс.
Румыния - Нидерланды | Евро-2024. Обзор матча 1/8 финала
04:42
Румыния - Нидерланды | Евро-2024. Обзор матча 1/8 финала
Просмотров 157 тыс.
My experiment with non-open networking - and Why and How I'm moving back to open source for good!
34:18
My experiment with non-open networking - and Why and How I'm moving back to open source for good!
Просмотров 29 тыс.
How To Secure pfsense with Snort: From Tuning Rules To Understanding CPU Performance
24:04
How To Secure pfsense with Snort: From Tuning Rules To Understanding CPU Performance
Просмотров 55 тыс.
How to Configure VLANs in Proxmox
15:47
How to Configure VLANs in Proxmox
Просмотров 2,9 тыс.
Use DD-WRT to set up a VLAN and Virtual Wifi for IoT devices
11:06
Use DD-WRT to set up a VLAN and Virtual Wifi for IoT devices
Просмотров 59 тыс.
DD-WRT - Open Source Router Firmware to take your home router to the next level of capability!
27:19
DD-WRT - Open Source Router Firmware to take your home router to the next level of capability!
Просмотров 48 тыс.
OPNSense - a powerful, open source, network firewall and router.
41:12
OPNSense - a powerful, open source, network firewall and router.
Просмотров 110 тыс.
Configuring a Management VLAN
19:29
Configuring a Management VLAN
Просмотров 10 тыс.
SelfHosted Gateway - WireGuard Tunnel for secure external access to all of your Self Hosted Apps!
26:00
SelfHosted Gateway - WireGuard Tunnel for secure external access to all of your Self Hosted Apps!
Просмотров 37 тыс.
pfSense, open source, enterprise grade firewall and routing system.
27:49
pfSense, open source, enterprise grade firewall and routing system.
Просмотров 10 тыс.
How To Setup VLANs With pfsense & UniFi 2023
21:57
How To Setup VLANs With pfsense & UniFi 2023
Просмотров 187 тыс.
Xiaomi 14 индия ЧЕМ ОТЛИЧАЕТСЯ от Xiaomi 14 европа
0:56
Xiaomi 14 индия ЧЕМ ОТЛИЧАЕТСЯ от Xiaomi 14 европа
Просмотров 608 тыс.
ссылка в описании #рек #smartphone #посылка #топ
0:17
ссылка в описании #рек #smartphone #посылка #топ
Просмотров 4,9 млн
Когда паникуешь слишком рано #магазин #электроника #смартфоны #пк
0:18
Когда паникуешь слишком рано #магазин #электроника #смартфоны #пк
Просмотров 1 млн
РАСПАКОВКА ИНТЕРЕСНЫХ ПОСЫЛОК / ПОДАРКИ ОТ ПОДПИСЧИКОВ
43:43
РАСПАКОВКА ИНТЕРЕСНЫХ ПОСЫЛОК / ПОДАРКИ ОТ ПОДПИСЧИКОВ
Просмотров 85 тыс.
iPhone 16 с инновационным аккумулятором
0:45
iPhone 16 с инновационным аккумулятором
Просмотров 1,3 млн
Развод с OZON - ноутбук за 2875₽
17:48
Развод с OZON - ноутбук за 2875₽
Просмотров 90 тыс.
Мой инст: denkiselef. Как забрать телефон через экран.
0:54
Мой инст: denkiselef. Как забрать телефон через экран.
Просмотров 1,3 млн