Net Obtain Only Router: Independent Each individual Ethernet Port Utilizing DD-WRT

Summary
The intention is to use a secondary router to link desktops to the Web although guaranteeing that they do not see any other computers on the LAN. DD-WRT ought to be set up on the secondary router. Consumer Mode wireless is employed to wirelessly join the secondary router to the major router for the purpose of delivering an Web connection to all computers plugged into the secondary router. Every single actual physical port on the back of the router is then put into its own VLAN (Virtual Neighborhood Region Community). Last but not least, firewall policies are additional to the router to avert conversation involving VLANs and the relaxation of the LAN.

The pursuing recommendations were published specially for DD-WRT v24 preSP2 managing on the WRT54GS 1., but they must do the job high-quality on any router that supports VLANs.

Vital Take note if you are using the WAN port rather of Consumer Mode wireless:

1. On the Set up -> Fundamental Set up site, do not examine “Assign WAN Port to Switch”.
2. On the Set up -> Networking webpage, do not set VLAN1 to Unbridged nor give it a DHCP server.

Guidelines

1. Reset router to Manufacturing unit Default options
   • Reset both by working with the website interface or by accomplishing a 30-30-30 Really hard Reset.
   • Go to 192.168.1.1 in your net browser and established the Username and Password.
2. Shopper Method Wi-fi Setup (for Internet Entry)
   • Go to Wi-fi -> Wi-fi Stability.
     • Configure all options to match your most important router’s wireless options.
     • Simply click Save.
   • Go to Wireless -> Standard Settings.
     • Improve “Wi-fi Mode” to Customer.
     • Change “Wireless Community Identify (SSID)” to your primary router’s SSID. Capitalization and spelling are vital.
     • Click on Preserve.
   • Go to Setup -> Basic Set up.
     • (OPTIONAL) Set the “Router Identify” to whatever you drive.
     • Under Network Set up -> Router IP change “Nearby IP Tackle” to 192.168.2.1.
     • Check out “Assign WAN Port to Change”.
     • Set the “Time Options” correctly.
     • Simply click Save, then Implement Settings.
   • Unplug the energy for 30 seconds and then plug it back again in. Wait for the lights to return to regular.
3. VLAN configuration of ports WAN, 1, 2, and 3.
   • Go to 192.168.2.1 in your website browser.
   • Go to Setup -> VLANs.
     • Uncheck ports 1, 2, and 3. Put port 1 into VLAN2, port 2 into VLAN3, and port 3 into VLAN4.
     • Make confident VLAN1 is not assigned to any bridge.
     • Simply click Help you save, then Implement Configurations.
   • Plug your Ethernet cable into port 4 on the router if it is not previously there.
   • Unplug the electrical power for 30 seconds and then plug it back in. Hold out for the lights to return to typical.
   • Go to Setup -> Networking.
     • Beneath “Port Setup” established VLAN1 to Unbridged.
       • Set the IP Deal with to 192.168.3.1
       • Established the Subnet Mask to 255.555.255.
     • Less than “Port Set up” established VLAN2 to Unbridged.
       • Established the IP Tackle to 192.168.4.1
       • Established the Subnet Mask to 255.555.255.
     • Underneath “Port Set up” established VLAN3 to Unbridged.
       • Set the IP Tackle to 192.168.5.1
       • Established the Subnet Mask to 255.555.255.
     • Underneath “Port Set up” established VLAN4 to Unbridged.
       • Established the IP Address to 192.168.6.1
       • Set the Subnet Mask to 255.555.255.
     • Click Help you save.
     • Less than DHCPD click on Incorporate.
       • Established DHCP to vlan1 with a Leasetime of 1440 (24 hrs).
       • Click Preserve.
     • Beneath DHCPD simply click Incorporate.
       • Set DHCP 1 to vlan2 with a Leasetime of 1440 (24 hours).
       • Simply click Conserve.
     • Below DHCPD click on Include.
       • Established DHCP 2 to vlan3 with a Leasetime of 1440 (24 hours).
       • Click Conserve.
     • Underneath DHCPD simply click Increase.
       • Established DHCP 3 to vlan4 with a Leasetime of 1440 (24 several hours).
       • Click Save.
     • Click Implement Options.
   • Plug your Ethernet cable into any port on the router apart from port 4.
   • Unplug the electricity for 30 seconds and then plug it back again in. Wait for the lights to return to ordinary.
4. VLAN configuration of port 4.
• Go to 192.168.2.1 in your world-wide-web browser.
• Go to Set up -> VLANs.
• Uncheck port 4 and spot it into VLAN5.
• Click on Preserve, then Utilize Options.
• Unplug the electricity for 30 seconds and then plug it back again in. Wait for the lights to return to regular.
• Go to Setup -> Networking.
• Below “Port Setup” set VLAN5 to Unbridged.
• Established the IP Handle to 192.168.7.1
• Set the Subnet Mask to 255.555.255.
• Click on Save.
• Underneath DHCPD simply click Insert.
• Set DHCP 4 to vlan5 with a Leasetime of 1440 (24 several hours).
• Click Conserve, then Utilize Settings.
5. Add Firewall regulations to isolate the VLANs.
• Go to Administration -> Instructions.
• Duplicate and paste the following instructions into the textbox:
  iptables -I Ahead -i vlan+ -o vlan+ -j Drop
  
  iptables -I Forward -s 192.168.1./255.255.255. -j Fall
• Click “Preserve Firewall”.
• Command 1 Notes
• This command blocks conversation amongst all VLANs. If you ended up applying the WAN port to deliver Net obtain as a substitute of Shopper Manner wi-fi, not only would you not unbridge VLAN1 nor give it a DHCP server, you would also have to have to include the next instructions underneath the 1st in order to enable conversation with VLAN1 (the VLAN that consists of the WAN port). Be sure to take note that these commands might not do the trick as they have not been analyzed:
iptables -I Forward -i vlan+ -o vlan1 -j Accept

iptables -I Ahead -i vlan1 -o vlan+ -j Acknowledge
• Command 2 Notes
  • This command blocks all communications with the 192.168.1.x subnet. This subnet is probably the only subnet in use on your main router. Come to feel cost-free to change it or replicate it to block all of the subnets employed on your principal router.
6. Finalize Configurations
• Go to Set up -> Primary Set up.
• Click on Help you save, then Implement Configurations.
• Unplug the electrical power for 30 seconds and then plug it back in. Wait for the lights to return to standard.