Wi-Fi AP and vlan setting

Hi there,

two days I am trying to make this work but no luck so far.

I would like to connect WiFi AP to my omnia this way:

AP is connected to LAN 4 port on my omnia
AP management vlan is 2
AP has one ssid assigned to vlan 3

I would like to be able to access AP’s web GUI from my turris lan and clients connected to the AP should not be able to see my turris lan.

I have searched web and tried a lot of things to make it work - adding new vlans,interfaces … I think I am missing something about the way vlans on omnia works.

Any help ?

What does not work? What’s your configuration? Vlans and interfaces are not enough, you need to set up your firewall correctly. There should be nothing Turris-specific.

I have created :
New interface for vlan3 with different ip range
Firewall zone for that interface (it is copy of turris default guest zone - dunno if it’s ok? )
Firewall rule for dns and dhcp - again copy of default guest rule

Vlan 3 tagged on port 4 and 6. AP setting is vlan 2 for management and vlan 3 for wireless network

Access to web interface of ap is working but if client connect to wireless network of the AP it did not get IP address.


config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd0c:3e21:93f3::/48'

config interface 'lan'
	option force_link '1'
	option type 'bridge'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.1.1'
	option _orig_ifname 'eth0 eth2 wlan0 wlan1'
	option _orig_bridge 'true'
	option ifname 'eth0 eth2'

config interface 'wan'
	option ifname 'eth1'
	option _orig_ifname 'eth1'
	option _orig_bridge 'false'
	option proto 'dhcp'

config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '0 1 2 3 5'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '4 6'

config interface 'guest_turris'
	option enabled '1'
	option type 'bridge'
	option proto 'static'
	option ipaddr '10.111.222.1'
	option netmask '255.255.255.0'
	option bridge_empty '1'
	option _orig_ifname 'guest_turris_0 guest_turris_1 guest_turris_1'
	option _orig_bridge 'true'
	option ifname 'guest_turris_0 guest_turris_1'

config interface 'Vlan2'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.10.1'
	option netmask '255.255.255.0'
	option _orig_ifname 'eth0.3 eth2'
	option _orig_bridge 'true'
	option ifname 'eth0.3'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option vid '3'
	option ports '4t 6t'

Basically now I just would like to get traffic from AP’s WiFi (which is set to vlan3 ) pass through omnia’s LAN4 port directly to the internet.