Question

Hi you good people!

Using: RUT9XX_R_00.06.08.3

I set up VLAN on my RUT955 there are now two LAN Adapters with two different static IP ranges and that works fine.

Network1: 192.168.1.1 (one PC connected with 192.168.1.101)

Network2: 192.168.2.1 (one PC connected with 192.168.2.202)

Now, I would like to allow traffic between these two separate networks / computers.

Unfortunately, I can not find any setting in the "Static Routes" that will make this work :-(

Can you help me to do this?

Thank you!

Answer 1

Hi,

Is there any chance for you to use our latest firmware instead?

You may download it from this link, by using this version, it will be easier for us to interact as all of my device is using new firmware

Comments

Sorry that isn't possible.

It is crucial to us to run the legacy FW

Please Support me nonetheless, this is important!

Thanks

Answer 2

Bump!

Can anyone help me on this one please?

I need two different VLAN networks created on a RUT955, which are in two different IP ranges to be able to communicate with each other.

Thanks!

Comments

What are the routes on both PCs ? The default route? You may also want to check the iptables forward rules on the RUT955:

iptables -n -L | grep FORWARD

Is forwarding between the two VLANs enabled ?

---

Q1: What are the routes on both PCs ? The default route?

A1: I set the default gateway of each PC in the VLAN to be the IP-Adress of the RUT955 VLAN-Address in order to rout any traffic that is not in the IP range locally to the RUT955

____________________________________________________________

Q2: You may also want to check the iptables forward rules on the RUT955: iptables -n -L | grep FORWARD

A2: I have set no port forwarding rules, because I thought communication with two VLANS would be configured with static routs!

What kind of port forwarding ruole do I need to do this?

____________________________________________________________

Q3: Is forwarding between the two VLANs enabled ?

A3: I dont know what you mean by this - do you mean port-forwarding?

____________________________________________________________

Thanks!

---

> What kind of port forwarding ruole do I need to do this?

No explicit port forwarding, either set VLAN1 <-> VLAN2 forwarding to ACCEPT in the firewall menu, add explicit rules via ssh  or Custom rules:

iptables -A FORWARD -i interface-of-vlan1 -o interface-of-vlan2 -j ACCEPT

iptables -A FORWARD -i interface-of-vlan2 -o interface-of-vlan1 -j ACCEPT

Use ifconfig to get the interface names if you don't have them already.

Answer 3

I tried, but did not get anywhere :-(

[email protected]:~# iptables -n -L | grep FORWARD

Chain FORWARD (policy DROP)

[email protected]:~# iptables -A FORWARD -i eth0.111 -o eth0.222 -j ACCEPT

[email protected]:~# iptables -A FORWARD -i eth0.222 -o eth0.111 -j ACCEPT

[email protected]:~# iptables -n -L | grep FORWARD

Chain FORWARD (policy DROP)

[email protected]:~#

What am I doing wrong?

[email protected]:~# ifconfig

br-lan    Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9E

          inet addr:192.168.8.254  Bcast:192.168.8.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

br-lan_222 Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9E

          inet addr:192.168.222.1  Bcast:192.168.222.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:4568 errors:0 dropped:0 overruns:0 frame:0

          TX packets:1997 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:393796 (384.5 KiB)  TX bytes:581924 (568.2 KiB)

br-lan_lan111 Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9E

          inet addr:192.168.111.1  Bcast:192.168.111.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9165 errors:0 dropped:0 overruns:0 frame:0

          TX packets:4042 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:1115693 (1.0 MiB)  TX bytes:1053574 (1.0 MiB)

eth0      Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9E

          inet6 addr: fe80::21e:42ff:fe36:ef9e/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:13762 errors:0 dropped:0 overruns:0 frame:0

          TX packets:6047 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:1758539 (1.6 MiB)  TX bytes:1660542 (1.5 MiB)

          Interrupt:5

eth0.1    Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9E

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0.111  Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9E

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9186 errors:0 dropped:21 overruns:0 frame:0

          TX packets:4042 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:1116659 (1.0 MiB)  TX bytes:1053574 (1.0 MiB)

eth0.222  Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9E

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:4576 errors:0 dropped:8 overruns:0 frame:0

          TX packets:1997 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:394164 (384.9 KiB)  TX bytes:581924 (568.2 KiB)

eth1      Link encap:Ethernet  HWaddr 00:1E:42:36:EF:9F

          UP BROADCAST MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

          Interrupt:4

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          inet6 addr: ::1/128 Scope:Host

          UP LOOPBACK RUNNING  MTU:65536  Metric:1

          RX packets:45725 errors:0 dropped:0 overruns:0 frame:0

          TX packets:45725 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:3298542 (3.1 MiB)  TX bytes:3298542 (3.1 MiB)

Comments

Your FORWARD policy is set to DROP, set it to ACCEPT instead.

iptables -P FORWARD -j ACCEPT

---

Hi - unfortunately it doesnt´t work - see here:

####################################################

[email protected]:~# iptables -A FORWARD -i eth0.111 -o eth0.222 -j ACCEPT

[email protected]:~# iptables -A FORWARD -i eth0.222 -o eth0.111 -j ACCEPT

[email protected]:~# iptables -n -L | grep FORWARD

Chain FORWARD (policy DROP)

####################################################

After I set the commands with ACCEPT I still get this:  

Chain FORWARD (policy DROP)

---

iptables -P FORWARD ACCEPT

No -j here sorry.

Answer 4

Well I got the ACCEPT now but still no ping or other traffic from VLAN1 to VLAN2:

[email protected]:~# iptables -P FORWARD ACCEPT

[email protected]:~# iptables -n -L | grep FORWARD

Chain FORWARD (policy ACCEPT)

[email protected]:~# iptables -A FORWARD -i eth0.1 -o eth0.2 -j ACCEPT

[email protected]:~# iptables -A FORWARD -i eth0.2 -o eth0.1 -j ACCEPT

[email protected]:~# iptables -n -L | grep FORWARD

Chain FORWARD (policy ACCEPT)

Also I can not see that anything changed in the GUI of the RUT955

Please help me here!

Answer 5

Can someone please help me on this?

It can't be that difficult to set the RUT955 to communicate VLAN101 and VLAN202 

Here are screenshots of the settings of my RUT955:

https://ibb.co/m8hdnjv

https://ibb.co/68m4tq4

https://ibb.co/jvqwsdy

https://ibb.co/WVff2Nt

https://ibb.co/W5HLJNn