Vlan routing

We have a couple of MT in AP mode. We currently bridge VLANs coming from L2 switches or Nstreme backhaul with tagged VLANs with VAP untagged. We have several VLANs, to isolate broadcast and traffic.

The part we are missing is how to route between VLANs without bridging them together.

i.e.:
           __ Vlan2
Vlan1 ----<   Vlan3
           __ Vlan4

Where Vlan1 = 10.1.1.1
Vlan2 = 10.1.2.1
Vlan3 = 10.1.3.1
Vlan4 = 10.1.4.1

And
10.1.1.1 can communicate with 10.1.2.1, 10.1.3.1, 10.1.4.1
10.1.2.1 cannot communicate with 10.1.3.1, 10.1.4.1
10.1.3.1 cannot communicate with 10.1.2.1, 10.1.4.1
10.1.4.1 cannot communicate with 10.1.2.1, 10.1.3.1


Anyone have an idea how we could achieve this?

You didn’t express your IP addresses in CIDR notation, so that limits what people could help you with. If you have the proper IP addresses and subnets, no firewall rules blocking, NAT rules changing addresses, and proper default gateways on all hosts then the AP/routers should route the traffic normally. The VLANs are just separate Ethernet interfaces.

All the subnets are /24.

In other words, we have some customer VLANs (/24) and we currently have some monitoring computers with VLAN-aware cards, but we want to remove those VLANs from the workstations and give them access to all the customer VLANs from the management VLAN. The only thing is that the customer VLANs should not be able to see each other.

Add the routing info into the system so all LANs are reachable, and then lock down the VLANs using firewall rules. That is how I do it.

Sotiris
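
A sketch of the firewall lock-down suggested above, added here as an example and not taken from any poster's configuration. It assumes RouterOS v6 or later syntax, that one router already holds an address in each of the four /24 subnets from the thread (so connected routes exist), and that 10.1.1.0/24 is the management VLAN; the address-list name `customer-vlans` is hypothetical.

```routeros
# Added example: subnets come from the thread, the list name is an assumption.
/ip firewall address-list
add list=customer-vlans address=10.1.2.0/24
add list=customer-vlans address=10.1.3.0/24
add list=customer-vlans address=10.1.4.0/24

/ip firewall filter
# Replies to sessions the management VLAN opened are allowed back,
# so customers can answer but cannot initiate toward each other.
add chain=forward connection-state=established,related action=accept \
    comment="return traffic for permitted sessions"
add chain=forward connection-state=invalid action=drop \
    comment="drop packets outside any tracked session"

# Management VLAN may open connections to every customer VLAN.
add chain=forward src-address=10.1.1.0/24 dst-address-list=customer-vlans \
    action=accept comment="management to customers"

# Routed traffic from one customer VLAN to another is dropped.
# Traffic inside a single VLAN is switched, not routed, so it never
# reaches the forward chain and is unaffected by this rule.
add chain=forward src-address-list=customer-vlans \
    dst-address-list=customer-vlans action=drop \
    comment="isolate customer VLANs from each other"
```

Rule order matters: the established/related accept must stay above the drop rules, and the per-rule counters under `/ip firewall filter print stats` show whether the isolation rule is actually matching traffic.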