The more I read the more indecisive I become.
Here is what I currently have. Modem - wrt54gl running tomato (radio, port 1 and 2 on one vlan, port 3 on another vlan and port 4 on another) port 1 connects to a non wireless router set as an access point to feed all my wired computers, port 2 connects to my airwaive router to boost my phone service. Port 3, another vlan is connected to a wireless router set as an access point. Port 4, the last vlan is also connected to another wireless router set as an access point.
I need to add one more and keep it separate from the other networks so I was thinking, reconfigure the wrts54gl to have 4 vlans but I would still need to get another wireless router to give access to internet through that vlan.
I thought I would just buy another wrt54gl but the more I got to looking there are some nice newer routers out there that can also run tomato and that led to a lot of other questions and indecisions.
What router should I use? WRT54GL or Asus NT-66U or some other?
Would it be more practical or is it possible to setup guest networks to do the same thing all using the one radio?
Can guest networks be encrypted and if so can they be independently encrypted? Like 2 people in the house with a laptop on two separate guest networks with their own login?
If that is possible I would still need to have at least 1 port on another vlan as well.
I am tired of searching the internet for answers if someone could help with some good advise it would be greatly appreciated.
Thank you in advance
Date: 12 Mar 2013 22:37
Number of posts: 9
RSS: New posts
The more I read the more indecisive I become.
Using Tomato you can create numerous guest networks and bride them to any vlan you choose. You can also set physical ports to certain vlans as well as have independent security and network configs for each subnet on each vlan. Takes a little bit of work, but it is all worth it. There are various forum posts that describe in detail how to accomplish this task.
I currently have 2 guest networks, independent to each other, each with it's own DHCP range. All networks are segregated from each other using iptables, and all have access to internet.
As far as router brand, I just upgraded from a Linksys E3200 to the ASUS RTN66-U and I will never look back. On my laptop I am getting the same internet speeds as being wired (on the 5Ghz of course). This is with over 25 other WiFi networks in the area.
You can also set physical ports to certain vlans as well as have independent security and network configs for each subnet on each vlan.
That is what I have now with 3 vlan's on physical ports using separate routers for wireless access on each vlan.
Using Tomato you can create numerous guest networks and bride them to any vlan you choose.
I guess this is the part I don't understand. Does this mean I can use 1 router and have 3 different vlans using the radio in that router leaving my physical ports alone eliminating the need for the extra routers I am using now?
For instance can I have port 1,2,3 and radio on vlan 1. Port 4 on vlan 2 and then have a vlan 3,4,5 using just the radio?
That is correct. You create the bridges, then assign the vlans to the bridge as well as create the guest networks and point them to whichever bridge you want. You can than choose which physical ports to connect to whichever bridge.
Assign Vlan Ports to Bridge
Create VAP (Guest)
Assign VAP to Bridge
Of course you will need to add some firewall rules in there to segregate them from each other.
Thank you for all your help.
All my networks are segregated from each other using iptables, and all have access to internet and their own DHCP range. I also have the firewall rules.
With the information you provided I should be able to do what I want on my WRT54GL as well.
Off to study more about configuring Tomato.
I have a couple final questions if you could help.
First: I have ordered an Asus NT-N66U.
When it gets here what Tomato version should I flash it with to do what I want?
tomato-K26USB-1.28.RT-Ns5x-MIPSR2-108-Mega-VPN-64K.trx? or what do you suggest?
Second: I have Tomato 1.28 installed on my WRT54GL and I setup the vlans using CLI. It is rock solid, the only time it gets reset is when the power goes out for so long that my backup has to shut down.
After doing a lot of research there are a lot of Tomato builds that allow the setup of vlans from the GUI. I really like that but there are so many different builds that I have no idea what one to use and which ones will keep it rock solid.
I received my Asus RT-N66U and have the latest version of Shibby installed and setup the way I want it. Everything seems to work the way I want it to.
I have the transmit power set to 0. Is this ok?
The only part I am having trouble getting my head around is the Firewall settings and the Firewall Rules. I have read hundreds of post on the net but most all of them are really old and I am not sure if they still apply. Some post even say with the new GUI I don't need any Firewall rules. Can someone help me out with this?
Here are a couple screenshots of my setup.
Can someone help me out with what I need to put under administration/scripts to separate these networks. I still don't understand what exactly I need in there and why. Other than that everything has been working perfect for a month now.
Thank you in advance for your help
if your router is not working properly then you have to once try the wireless router or 3g routerADSL 2+ it help you to increase your net speed
3g router,wireless router, wi-fi booster