[ctadmin]

Hi there.. I'm fairly new to setup of up a VLANs and trying to learn and setup different VLANs, so I can configure them on Esx and XenServer lab hosts.

Here is my network setup.

Got 2 routers running DD-WRT firmware

I have a main router (A) upstairs connected to cable modem, serving clients mainly via Wifi and computers connected via Ethernet. Second router(B) resides in basement wifi disabled

Two routers are connected: LAN port from Router A connected to WAN port on Router B.

Router B has 2 VLAN's with DHCP enabled.
VLAN2 (Port1) - 10.1.2.x
VLAN3 (Port2) - 10.1.3.x

I've configured the firewall on router B so devices on VLAN 2 & 3 can communicate, internet access and are also able to communicate to devices on Router A (192.168.2.x).

The issue I face is with devices connected on Router A cannot see the devices on VLAN 2 & 3 on Router B

Is this a supported configuration ? if so, can someone pls guide me on how to address it?

Please let me know if you need more info on my network configuration.

Thanks in advance.
CT

[ctadmin]

Thanks Eibgard for your quick response.

followed your awesome instructions and got it to work.

Thanks Again

[ctadmin]

Awesome .. thanks again

[ctadmin]

One more question eibgrad, hoping you can help.

My ESXi host now resides on VLAN connected router B (previously on router A).

When on Router A, I had the ability to do WOL remotely via router A but now the EsXi host sits on VLAN on router B, it does not work.

Is there a configuration possible to get this to work ?

Thanks again
CT

[ctadmin]

Yes, Should have been more specific. My bad

Previously, on my Router (A) i would access the router via web portal and then GUI WOL page. Wake up the host from there. I'm hoping to do something similar.

Will take a look at your post on how you did it and see if I can get something working!

Thank you

[ctadmin]

Hi eibgrad,

Sorry, got tied with a different issue and did not get time to test read this.

I did look at your post and got a few questions.
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=307075


Q1:
Code:
### special arp entry for remote wol feature
I'm assuming this would be on Router B (connected to ESX host), correct ?

[ctadmin]

prefect thanks. Was Wondering why u did not answer my other question but looks like it did not get posted so sorry I have re posted it

Q2:
port forward, this will done at Router A (main) connected to Internet Modem ?

Q3:
WOL IP, I see you enter 192.168.1.254 ? In my case would it be VLAN where the Esx host resides (10.1.2.254) ?
or the Router IP Range ?
or ESX host IP ?

Q4.
Would I still be able to connect to router A from external Go to Administration - WOL - Manually wake device ?

Q5: Topic outside WOL, My Router B is WRT54G, i read it does not support VLAN tagging. Are you aware ?

Thanks
CT

[ctadmin]

Thanks for your feedback.. Greatly appreciated!!

I will read up how to configure VPN server.

Back to question 1 on ARP entry.
This will under the Administration -> commands
And for WOL_IP= ESX HOST IP
Then save as startup

In my case:

WOL_IP="10.1.2.5"
ip neigh change $WOL_IP lladdr ff:ff:ff:ff:ff:ff nud permanent dev br0
ip neigh add $WOL_IP lladdr ff:ff:ff:ff:ff:ff nud
permanent dev br0

Sorry not near my lab to test, so asking the questions just to be sure I understand

Looks right ?

[ctadmin]

Thanks Again.

[ctadmin]

Hi eibgrad,
Sorry to come back with more questions.

I thought of switching my configuration on router B a little to see, and let me know if that make sense

Instead of plugging ethernet cable from Router A(Main Router) to Wan port on Router B, I decided to link the 2 routers by connecting to LAN port 4 on Router B.

So I disabled the WAN port on Router B. Changed the router B ip address to point to same subnet (192.168.2.x) as Router A. Also disabled the DHCP.

So configuration on Router B
Wan port disabled
Router IP: 192.168.2.x
LAN 1 - Empty
LAN2 - Assigned to VLAN3
LAN3 - Assigned to VLAN2
LAN 4 - Connect to Router A

If I plug a device into LAN 1, get an IP from Router A and all works fine.
If I plug a device into LAN2/3 and set a manual IP. I can ping devices on all VLANs and ping devices on Router A, but no internet Access

Does this configuration make sense ? How can I get VLAN2/3 access to the internet ?

Here is what I have under Administration - > commands


iptables -I INPUT -i vlan+ -j ACCEPT
iptables -I FORWARD -i vlan+ -o br0 -m state --state NEW -j ACCEPT
iptables -I FORWARD -i vlan+ -o vlan+ -m state --state NEW -j ACCEPT
iptables -I FORWARD -i vlan+ -o ppp0 -m state --state NEW -j ACCEPT

**** guessing the below is no longer need as I have WAN disabled, Right ?*****

WAN_NET="$(nvram get wan_ipaddr)/$(nvram get wan_netmask)"
iptables -I INPUT -s $WAN_NET -m state --state NEW -j ACCEPT
iptables -I FORWARD -s $WAN_NET -m state --state NEW -j ACCEPT


Thanks again
CT

[ctadmin]

Thanks again for prompt response and great information