2 Networks

7 posts / 0 new
Last post
ray77
ray77's picture
2 Networks

Hi Guys,

I would like to know if it is possible on tomato to create 2 wireless networks. The first network I want it to use my internet as normal  and the second I would like it to use a VPN is this possible and how do I go about doing this?

microchip
microchip's picture
it's possible but you're

it's possible but you're light on the details

you can go to Basic -> Network and add a second bridge (br1) with IP as (example) 192.168.2.1 or 10.0.0.1. Then in Advanced -> VLAN add a new VLAN entry and only set Bridge to LAN1 (br1). Don't touch the wired ports which should all be unchecked.

in Advanced -> Virtual Wireless, setup your wl0.1 and wl1.1 interfaces then go back to Advanced -> VLAN and set under Wireless "Bridge wl0.1 to LAN1 (br1)" and "Bridge wl1.1 to LAN1 (br1)"

now you have two separate wireless networks that can't talk to each others. Configure your VPN to only listen on the second network

ray77
ray77's picture
Thanks microchip your awesome

Thanks microchip your awesome appreciate the help  

ray77
ray77's picture
Hi Microchip how would i go

Hi Microchip how would i go about setting up the VPN to only work with the second network?

microchip
microchip's picture
I'm not sure on that one. I

I'm not sure on that one. I never use VPN myself so I haven't played much with it. I skimmed at the VPN GUI options and there doesn't seem to be one to force it to use a specific interface. You may need to SSH/Telnet to the router and manually set it in its config, if possible at all. This *may* help, but am unsure http://unix.stackexchange.com/questions/27275/how-to-configure-openvpn-t...

Peter Redmer
Peter Redmer's picture
This was something I had

This was something I had tried to do with my setup (C7000 acting as a modem and R8500 as router)

It is possible to have a separate wireless AP (virtual) that runs through a OpenVPN connection, but it's tricky. It involves using iptables, something I'm not currently an expert in. Some more info here:

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=161194

There are other ways to accomplish the goal. One tactic I had some success with was configuring the C7000 to act both as a modem and a router, with the R8500 as a separate router on the network, both running DHCP. The C7000 put out a regular wireless connection and all connections to the R8500 were through OpenVPN. You do have to put the modem/router in the R8500's DMZ to avoid double NAT issues though.

This worked, but I don't think it performed as well as it could have. Currently, I'm testing a different method -- using the client on my local machines. This seems to provide much better throughput as it isn't limited by the router and the firmware, but it's more of a pain as the client has to be installed on each device and always running.

You could also have a second DD-WRT or Tomato router in access point mode with OpenVPN, that might be the easiest way.

ray77
ray77's picture
Thanks, peter & microchip for

Thanks, peter & microchip for your help, hey peter if you figure out a way of doing this and its not too hard to do please let me know thanks.