Part 2 of my Move back to Open Source Networking with OpenWRT, VLANs, and Wifi Access Point Setup
Вставка
- Опубліковано 29 чер 2024
- === Links ===
Show Notes
wiki.opensourceisawesome.com/...
OneMarcFifty (An incredible Wealth of Knowledge on OpenWRT)
/ @onemarcfifty
Dev Odyssey
/ @devodyssey
Get the AwesomeOpenSource Merchandise
awesomeopensource.creator-spr...
Support my Channel and ongoing efforts through Patreon:
/ awesomeopensource
Buy Me a Coffee or Beer
paypal.me/BrianMcGonagill?cou...
=== Timestamps ===
00:00 Beginning
00:09 Introduction to OpenWRT AP Setup for VLANs and Wifi
01:35 Thank you to my Patrons at Patreon, and my subscribers at UA-cam
02:15 Warning to watch Part 1 if you haven't already.
02:50 Setup our OpenWRT Access Point from Scratch
04:55 Setting up VLANs on our AP
10:00 Getting Reconnected after VLAN Interface Setup
11:25 Wireless Setup for our VLANs and Access Points
16:55 Testing our Internet Connectivity after Wifi VLAN Setup
18:10 Use a Backup of our Config to make Setup of Other APs Easier
19:30 Firewall Setup on OpenWRT
31:00 Testing our Connectivity after Firewall Setup
33:10 Update on how the network is doing after 2 weeks of full time use.
=== Contact ===
Twitter: @mickintx
Telegram: @MickInTx
Mastodon: @MickInTx@fosstodon.org
Try out SSDNodes VPS Services! Amazing Specs for incredibly low costs. I'm running a 32 GB RAM / $ CPU Server for only $9 a month! Seriously. FOr long term server usage, this is the way to go!
www.ssdnodes.com/manage/aff.p...
Get a $50.00 credit for Digital Ocean by signing up with this link:
m.do.co/c/a6a61ae55242
Use Hover as your Domain Name Registrar to get some great control over you domains / sub-domains:
hover.com/SHPaiirr
Support my Channel and ongoing efforts through Patreon:
/ awesomeopensource
What does the money go to?
To Pay for Digital Ocean droplets, donations to open source projects I feature, any hardware I may need to purchase for future episodes (which I will then give to a subscriber in a drawing or contest).
=== Attributions ===
Intro and Outro music provided by www.bensound.com - Наука та технологія
For your 5ghz wireless radios it may be the frequency, Tri-bands usually have one radio for lower 5.2ish and another for higher 5.8ish. Also thank you for such a detailed video that's helped me out a ton
Thanks for the info! Glad you liked my video.
Great work, thank you so much!
My pleasure.
With so many OpenWRT devices you may want to give OpenWISP a try, look forward to a video on that as well
I just installed OpenWisp the other day. It's probably overkill for 4 devices, but I could definitely see it growing to more in the future...and I'd love to provide more insight into OpenWisp as well.
It would be nice if there were open source alternatives to UniFi. There is OpenWISP but it isn’t exactly the same.
I actually just got OpenWisp setup. I haven't added any devices yet, for fear it will reset my configs, but I'm planning to setup some testing devices soon. An eventual video is sure to follow.
On your second router, you can remove the zones, then make a rule that only from this interface you can receive internet or being management
Oh, you mean the firewall zones? Yeah, since they are "dumb" APs they don't really need any of that stuff.
@@AwesomeOpenSource Yes, I do. That's correct. Get rid of the zones, then add or create a traffic rule that only accepts protocols {tcp, udp, icmp}. Finally, in the advanced settings tab || Math device = inbound device, below here you choose the interface name "the interface that you access to the main router" of your main router.
@@AwesomeOpenSource I forget to say that in the firewall Zones you need to setup INPUT DROP
OUTPUT ACCEPT FORWARD DROP. This is to add layer of security.
Apologies if I missed it, but can you link to the hardware used in this video? The main router and the APs? Thanks very much
I don't have links in particular. The Router is an HP T610 with an added four port Gbit network card in it. Got it on Ebay a few years ago now for about $60.
The Wall Plate APs are TP-Link EAP615s. They are powered PoE, so it really makes it nice and clean for install in my home.
@@AwesomeOpenSource Now that you have been running OpenWRT on the EAP615's for a few months, how is it working out? I have a few EAP 225's and a EAP235-Wall running stock. Get drops all the time. Maybe a follow up video or x month review on the setup and how it is doing.
very great video. thanks for sharing
Thanks for watching!
@@AwesomeOpenSourceim from malaysia. here we use pppoe. i need to setup vlan500(from my isp) to make it work. i use pfsense(quad port) and openwrt(as wifi AP) but stuck on vlan. i try to learn from your video. my situation is not quite different from yours setup.
Out of curiosity, why did you set-up automatic reboot each week?
Habit I suppose. I think it's good to just reboot things, particularly with a semi-busy network. Not anything that has to be done unless you see a reason to do it, or a benefit to it.
Hey Fren, I can not find any good video/resources on how to setup the following scheme: pfsense(VLANs)>>>Unifi(ubiquiti managed switch)>>>openWRT APs.
Can you help me, fren?
I love @onemarcfifty's videos...
He's awesome!
Very comprehensive video however I'm still confused because the vlan options Im getting are Egress Untagged, Egress Tagged and Primary Vlan ID
I think those are just the older naming convention. Tagged Untagged and Primary are the same as Egress Tagged, Egress Untagged, and Primary VLAN. Should still work out.
Ok, I was slightly concerned since there's no ingress option and I wasnt sure if it would only work for the router and not the AP.
So if you could briefly explain? What exactly is the use case for the Primary setting and why is it not needed in this setup?
If you set multiple VLANs to untagged on the way out of the router, then any computer or device on that line wouldn't know which VLAN to pull and address from. The Primary VLAN tells the machines on that line which untagged VLAN they should pay attention to. At least, that's how I use it.
Did you flash OpenWRT on the Ap's as well. If you have can you make a video of how to do it. Also will changing my main router from pfsense to Openwrt help. The only issue i see is with roaming between Ap's that is not that great with my omada setup
I did. I just followed the instructions on the OpenWRT site for those devices. I'll see if I can get something put together. I'll be moving at some point (hopefully soon), and may try to re-set it up fresh. So far it's working super well, and I don't want to mess with what's working.
@@AwesomeOpenSource I figured out what is issue was it was with the encription i had it setup for WPA3/WPA3 but i was failing since the EAP 245 can not do WPA3 encription only Wifi6 devices can. Once it changed it roaming is working perfectly
Simple ??? I define "simple" as in my 7 year old Netgear WNR2020 router (which by the way has performed flawlessly over all that time and it does not look like it was designed by a frustrated stealth aircraft engineer). Of course it only has 802.11 b/g/n (2.4GHz) but I only use WiFi for couple a Android devices that I tend to avoid like the plague. I have been looking at OpenWRT because I am considering installing a couple of WiFi video cameras ... but wait, they only use the 2.4GHz band anyway. I might have to watch your videos a couple of times to get a good gist of what you are doing. You have done an excellent job on the videos but I am old, senile, half blind and have a thick skull :-)
Sure, but does your 7 year old netgear do VLANs? Does it allow me to separate all of the conceerns on my overly large home network? Probably not out of the box. That said, I dream of the days where an OTS router could handle what I needed. It's just that as my needs grow so do the requirements for my networking. The "simple" side of it is getting a network setup with advanced features that I rarely have to mess with.
So you had to find different versions of openwrt for each ap right?
Yes, sometimes the versions are slightly different, but the version that’s stable is on the device page for OpenWRT as a link, so it’s not a huge search.
That is nice and all but isn't PFSense or OPNSense easier to configure? this openwrt seems convoluted as in pfsense you can just create lans/vlans and just connect an access point to that lan interface
Let’s be honest, pfSense and OPNSense both lack simplicity when it comes to creating VLANs. Sure you can do it, and it should work, and I’ve done it in pfSense and DD-WRT already. Worked okay. This was just another way to do it. It’s really down to the user. If pfSense works for you, then use it. It’s a great bit of open source software.
In a way yes true, it's a bit more configuration in pfsense, so using OpenWRT seems like another good alternative for users wanting to take a different approach, I was just considering in using it for an old router as an access point by using (OpenWRT) firmware but not sure yet as I was planning to user OpenWRT access points connected to PFSense router, but thanks for the great videos! you make the best more descriptive videos on software 😁@@AwesomeOpenSource
@@ltonchis1245 really glad my content helps and informs.