Need help with VLAN/Firewall setup

Hi,

I am currently switching from a TP-Link WDR3600 with OpenWRT to a Turris Omnia. My network setup consists of 4 different VLANs which are switched in my core switch and then via a trunk connection (all VLANs tagged) to the router. This was fine with the TP-Link.

Currently I am struggling with re-creating these VLANs in the Turris Omnia. The hardware design with the SoC and the dedicated switch chip caused multiple lock-outs and factory resets, but I think I have figured it out now.

The last problem I cannot figure out for myself is: The forward to the WAN zone in the firewall is currently not working. I have checked the network configuration and the firewall configuration, but cannot figure it out myself.

Currently, this is my VLAN configuration. I have disabled eth2 in the SoC completely; the switch chip communicates with the SoC only on Port5/eth0 with a tagged VLAN connection.

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdf7:7276:27a6::/48'

config interface 'admin'
	option force_link '1'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option _orig_ifname 'eth0 eth2 radio0.network1 radio1.network1'
	option _orig_bridge 'true'
	option ifname 'eth0 eth0.1'

config interface 'wan'
	option ifname 'eth1'
	option proto 'dhcp'

config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '0t 1 2 3 4 5t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0t 5t'
	option vid '10'

config interface 'home'
	option type 'bridge'
	option proto 'static'
	option ifname 'eth0 eth0.10'
	option ipaddr '192.168.10.1'
	option netmask '255.255.255.0'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option vid '11'
	option ports '0t 5t'

config interface 'guest'
	option type 'bridge'
	option proto 'static'
	option ifname 'eth0 eth0.11'
	option ipaddr '192.168.11.1'
	option netmask '255.255.255.0'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option vid '12'
	option ports '0t 5t'

config interface 'iot'
	option type 'bridge'
	option proto 'static'
	option ifname 'eth0 eth0.12'
	option ipaddr '192.168.12.1'
	option netmask '255.255.255.0'

Each interface has its own firewall zone, since each interface is the uplink to another VLAN. My firewall configuration currently looks like this:

As far as I can see, the WAN interfaces have their physical interface set up. The uplink to the internet exists. Each zone has allowed forwarding to the WAN zone. Does anyone have an idea why none of my devices (even the router itself via ssh) have a connection to the internet?

Thanks very much in advance.
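
A consistency check for a network configuration like the one in the post, as an added example that is not part of the original post: it parses UCI `config interface` sections and reports any device listed in the `ifname` of more than one bridge, which is worth checking because Linux lets a network device be a port of only one bridge at a time. The function names and the trimmed sample config are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: trimmed interface sections modelled on the post's config.
SAMPLE = """\
config interface 'admin'
    option type 'bridge'
    option ifname 'eth0 eth0.1'

config interface 'wan'
    option ifname 'eth1'

config interface 'home'
    option type 'bridge'
    option ifname 'eth0 eth0.10'

config interface 'guest'
    option type 'bridge'
    option ifname 'eth0 eth0.11'
"""

def parse_interfaces(text):
    """Return {section_name: {option: value}} for named 'config interface' sections."""
    sections, current = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*config\s+(\S+)(?:\s+'([^']*)')?", line)
        if m:
            # Only named interface sections are tracked; switch sections are skipped.
            named_iface = m.group(1) == "interface" and m.group(2)
            current = sections.setdefault(m.group(2), {}) if named_iface else None
            continue
        m = re.match(r"\s*option\s+(\S+)\s+'([^']*)'", line)
        if m and current is not None:
            current[m.group(1)] = m.group(2)
    return sections

def shared_bridge_members(text):
    """Map each device listed in more than one bridge to the bridges listing it."""
    users = defaultdict(list)
    for name, opts in parse_interfaces(text).items():
        if opts.get("type") == "bridge":
            for dev in opts.get("ifname", "").split():
                users[dev].append(name)
    return {dev: names for dev, names in users.items() if len(names) > 1}

if __name__ == "__main__":
    for dev, names in shared_bridge_members(SAMPLE).items():
        print(f"{dev} is listed in bridges: {', '.join(names)}")
```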