I am new to GL.iNet and I still learning. I have managed to configure most services I want to use, but I cannot get VLAN configured. I replaced a Synology RT6600ax with the GL.iNet GL-MT6000 (Flint 2), but I kept my three Synology MR2200ac routers and I have them in access point mode with mesh. There is a primary MR2200ac that controls the other two access points.
The primary network on the access points is not VLAN tagged and therefore passes clients to the DHCP on the Flint 2. However, the guest network on the access point has a VLAN tag and the clients cannot be passed off to the guest network DHCP on the Flint 2. This means all the Flint 2 sees is the main access point IP address and that access point handles DHCP. I have tried turning off the DHCP on the access point, but this did not work. Having the guest network handled entirely by the access point does work, but I would prefer the Flint 2 to handle the DHCP.
The bigger issue without being able to configure VLAN is not being able to create an IoT network. For now, I have all my IoT devices on my guest network, but I would prefer they have a dedicated network. This way I have my primary network, a guest network, and an IoT network. I attempted to create an IoT network on the access point, but Synology would not allow another DHCP in access mode. The only solution I saw was to keep using the guest network.
I followed various tutorials on the web, even the videos by OneMarcFifty, but nothing worked with my access points. I created an IoT network on the Flint 2, but I did something incorrect and I could not get the WiFi to work (I forgot the error name). If it did work, I would still need VLAN so I could use the access points. My Flint 2 is in the basement equipment room, so the signal gets too weak for the cameras around the outside of my house.
To sum up, I would first like to be able to have VLAN working so my guest network on my access points would have DHCP handled by the Flint 2 guest network. Then, if possible, I would like to create an IoT network on the Flint 2 and add one to my access points. This would require VLAN since DHCP will not work.
SSH to the router, execute these commands to add the iot network group and iot wifi radio on the Flint 2, and reboot to apply:
# /etc/config/network
uci add network device # =cfg1b0f15
uci set network.@device[-1].type='bridge'
uci set network.@device[-1].name='br-iot'
uci set network.iot=interface
uci set network.iot.proto='static'
uci set network.iot.device='br-iot'
uci set network.iot.ipaddr='192.168.11.1'
uci set network.iot.netmask='255.255.255.0'
# /etc/config/dhcp
uci set dhcp.iot=dhcp
uci set dhcp.iot.interface='iot'
uci set dhcp.iot.start='100'
uci set dhcp.iot.limit='150'
uci set dhcp.iot.leasetime='12h'
uci add_list dhcp.iot.ra_flags='none'
# /etc/config/firewall
uci add firewall zone # =cfg26dc81
uci set firewall.@zone[-1].name='iot'
uci set firewall.@zone[-1].input='ACCEPT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='REJECT'
uci add_list firewall.@zone[-1].network='iot'
uci add firewall forwarding # =cfg27ad58
uci set firewall.@forwarding[-1].src='iot'
uci set firewall.@forwarding[-1].dest='wan'
# /etc/config/wireless
uci del wireless.mt798612.disabled
uci set wireless.wifinet4=wifi-iface
uci set wireless.wifinet4.device='mt798612'
uci set wireless.wifinet4.mode='ap'
uci set wireless.wifinet4.ssid='GL Router-IoT-5G'
uci set wireless.wifinet4.encryption='psk2'
uci set wireless.wifinet4.key='goodlife'
uci set wireless.wifinet4.network='iot'
uci set wireless.wifinet4.ifname='rax2'
uci del wireless.mt798611.disabled
uci set wireless.wifinet5=wifi-iface
uci set wireless.wifinet5.device='mt798611'
uci set wireless.wifinet5.mode='ap'
uci set wireless.wifinet5.ssid='GL Router-IoT-2.4G'
uci set wireless.wifinet5.encryption='psk2'
uci set wireless.wifinet5.key='goodlife'
uci set wireless.wifinet5.network='iot'
uci set wireless.wifinet5.ifname='ra2'
uci commit
reboot
About the VLAN:
please find and config it on the Luci -> Network -> Interface -> Devices -> br-lan/br-guest/br-iot -> Config... -> Bridge VLAN filtering
Thank you for that easy to implement IOT network. Unfortunately, I cannot figure out VLAN on the Flint 2.
In my use case my Synology access points would broadcast three wireless networks, a primary network (untagged), a guest network (VID 10), and an IOT network (VID 20). My three access points are wired and connected directly to LAN5, LAN4, and LAN3 on the Flint 2. LAN2 is connected to a gigabit switch and LAN1 is connected to a 2.5Gb switch. These are not managed switches. WiFi is turned off on the Flint 2 since it is in a basement equipment room.
I have no special firewall needs to have devices on different VLANs communicate with one another. I would use network isolation on the guest and IOT networks. My primary network would not use network isolation.
A tutorial on how to configure the VLAN would be greatly appreciated. It would be a great follow-up to your instructions on how to configure an IOT network.