OpenWrt Forum Archive

Topic: Splitting the WLAN From the Switch Bridge

The content of this topic has been archived on 17 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
HalNineThousand
1 Aug 2007, 07:50

At this point, I'm not even completely sure of what questions I should be asking on this, so I'm hoping I can get some guidance.  I'm not asking anyone to do the work for me, since, in the long run, I want to know what I'm doing.

As of now I have my own LAN in the 172.16.7.xxx range with all the computers connected through a Linksys wired switch.  I have a cable from this switch to my WRT54G, running OpenWRT with X-WRT on it.  The main reason I'm using wireless is for a music streaming setup (I've brought that up elsewhere).  I'm using Slimserver to stream the music from the server.  I have one Squeezebox but I'll be adding more players based on the WRTLS54GS with OpenWRT on them and speakers added.  Other than Squeezeboxes, Slimserver keeps track of separate players by their IP addresses.  That means any other players I put on the WLAN will all end up with the same IP address because of NAT after their packets pass through the WRT54G, so they'll all be seen as the same player.

To solve this, I've noticed in WebIF^2 that I can split the WLAN from the switch bridge.  This is where I am confused.  I *think* what will work is to split the WLAN from the bridge, run a cable from the Linksys switch to the LAN side on the WRT54G, continue let the router be seen as a specific address in the 172.16.7.xxx range, then on the WLAN side, use a different range, like 172.16.8.xxx for anything on the WLAN, which would give each item on the WLAN side a separate address that could recognized as distinct by my other net (I might have to change any case where I masked with 255.255.255.0 to 255.255.0.0).

Is this possible?  If it's possible, then when I create any firewall rules, is it possible to specify the firewall is between the WLAN and the wired connections?

As I said, I'm not clear if this can work and what I need to study to understand it.  If there's a better way to do it, then I'm open to it.  I am basically trying to keep a firewall between my existing LAN and the WLAN, but I want the systems on the LAN to be able to recognize the distinct IP addresses within the WLAN.  Is there a better way to do this?

I'm not quite sure where to start reading to figure this out so I'm open to suggestions on better ways to do this.  My goal is to be able to all off the WLAN (for security) but still have the LAN see the different IP addresses on the WLAN side.

Thanks for any help, suggestions, links or ideas!

Post #2
pric0112
1 Aug 2007, 16:01

Yes it is all possible. The first thing you'll want to do is remove the setting that links the wl0 wifi interface with the lan switch. I used: "uci del wireless.cfg2.network". After that you'll need to name and add the wl0 interface to the network config. I used "uci set network.wifi=interface", then set the network.wifi.* settings. Then as you mentioned, you'll have some firewall configuration to tackle.

The discussion might have continued from here.