Vlan over wireless bridge with internet sharing?

Hi Community, my first post here, hoping somebody may be able to advise...
I live on a farm which is too far for broadband but fortunately I also have an office in a nearby town and because I have line of sight I have setup a wireless bridge, this gives me 8 MBits which is wonderful. Some of my equipment, for example a NAS is on the farm, and I need to access them from the office via the wireless link and I occasinally use vnc to access my office desktop from the farm. This all works beautifully.
Ok. now I want to share my internet with my neighbor on the farm, who, in a strange twist also rents an office next to mine downtown, so I would like to give him access to the internet and to his equipment he has there too.. but I don't want him to be able to access my equipment and visa versa I don't want to see his stuff...
This sounds like a job for port based VLAN.. and so what I bought is two Linksys/Cisco SLM2005 layer2 switches in the hope that this would allow me to do what I want... but I'm not so sure now. In the office I use a draytek v2910 which has a vlan feature that allows me to separate the ports from each other, only giving them internet access.
So... if I connect these two switches to each other, and I create a VLAN with the same id on each of the switches, will the corresponding vlans be shared, so, if you assume the following hardware setup:
farm: slm2005 switch
port 1 -> wireless bridge to office: member of vlan "2", "3"
port 2 -> access point A for neighbor: member of vlan "2"
port 3 -> my own access point B: member of vlan "3"
office: slm2005 switch
port 1 -> wireless bridge to farm: member of vlan "2", "3"
port 2  -> access point C for neighbor: member of vlan "2"
port 3 -> my access point for office D: member of vlan "3"
port 4 -> router port 1: member of vlan "2"
port 5 -> router port 2: member of vlan "3"
the router (draytek v2910) is configured in such a way to separate port 1 and port 2 (otherwise there would be a loop...)
The idea here is to create a vlan "2" for my neighbor and "3" for myself. but what's the correct way to consider the wireless bridge inbeetween (in fact, I think the same problem would occur if I just connected the two switches with a cable (if i had a 2 mile long one..)...)
Will my neighbor be able to see both access points "A" and "C" and the internet, but not be my access points "B" and "D"? Or does this whole concept of VLAN over bridge not work like this, or not at all?
Thanks in advance for any advice,
Andres

Hi Andreas,
you're not far from it.
Your whole concept is ok. What you just need is on the gateway of each subnet (I would presume it's the router in the office) to create an access list preventing to route between vlan 2 and 3.
On all other devices,  traffic can't jump between vlans. But on a routing device that has the Vlan layer3 interfaces, traffic is routed between vlans so that's where you need to prevent it.
With regards to vlans over wireless, you're also having the good concept. The point is to have only 1 ssid, that will be in a certain vlan, but also bridging the other vlans onto that ssid.
This doc should help you out :
http://www.cisco.com/en/US/partner/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml#vlanbr
HTH,
Nicolas
Thanks to rank the answer if you see it as useful !

Similar Messages

  • Low throughput over wireless bridge with two WRT160N

    I recently bought two Linksys WRT160Ns and created a wireless bridge according to http://www.dd-wrt.com/wiki/index.php/Wireless_Bridge. I installed DD-WRT v24-sp1 (07/27/08) min.
    But, in a perfect setting where both devices are just a meter apart I can only get a throughput of 20Mbps when using security (either WEP or WPA) or 30Mbps if using no security at all. To measure this I'm transferring a large file from one computer to the other and checking the result on the "bandwidth" page of the router.
    Any suggestions on how to improve the bandwidth would be much appreciated!
    Thanks, Gordan

    Ask in a dd-wrt forum. They know how to tweak their firmware.

  • AirPort Express wireless connection, when I surf the news sites so I linked to **** pages. And must close the window. If I use my iPhone with Internet sharing the same computer, then I have no problem. I believe that it is in AirPort Express, and wou

    AirPort Express wireless connection, when I surf the news sites so I linked to **** pages. And must close the window. If I use my iPhone with Internet sharing the same computer, then I have no problem.
    I believe that it is in AirPort Express, and would have to clean it. How do you do that?

    You need to use the Express in router mode.. I think you are trying to use it in bridge mode.. but you need to give us a lot more details.. screenshots might help more than anything.

  • Create a wireless network AND Internet sharing?

    Hi all,
    I own a MacBook Pro and an iPhone, and currently live at a state university. The problem is that the wireless network won't allow communication between devices, only to the internet, and you aren't allowed to have a wireless router. You are, by some strange loophole, allowed to share an internet connection from a computer. My problem is that I either can share the Internet (which doesn't allow me to use apps that use WiFi to communicate with my Mac, like iDisplay) or create a wireless network (which means I can't connect to the internet via WiFi on my phone). So here's my question:
    How can I share my internet connection with my iPhone as well as be able to use apps that communicate with my mac, such as iDisplay?
    Any insight would be appreciated.
    Thanks!

    Your Mac is already using the Wifi to connect to the  network, you don't have control over the router can't have one, so you can't make any changes to have your iPhone use the router to communicate with your Mac.
    They likely already have enough bandwidth issues as it is to allow streaming between devices on the local network too.
    Open Mesh with Internet Sharing via the Mac's Ethernet port and a Cat5 cable?

  • AppleTV don't show in iTunes with internet sharing on

    Dear all,
    I have a problem with my new appletv. I'm sharing internet connection via ethernet on my iMac directly connected to a linksys access point. tv have a wireless connection to the linksys and the ethernet ip address of my iMac as a gateway. With internet sharing on my iTunes don't show tv and don't synchronize with it.
    My current setup is iTunes 8.1 and tv 2.3.1 firmware. With previous firmware release all is ok.
    Any suggestion? Is it possible to use internet sharing and iTunes sync at the same time?

    Songs will only show up if they are in the library. Did you copy the music from your old iTunes library and load it on the new computer?

  • Using Airport Express with Internet Sharing in Leopard

    Howdy all,
    I have Internet Sharing enabled on my MacBook Pro running Leopard 10.5.4. I use a Sprint Sierra Wireless Aircard 597E modem to connect to the Internet.
    I'm trying to get my Airport Express & Time Machine to recognize my MacBook Pro, or the other way around. Basically, I want to be able to access the Airport Express to wirelessly play music through a pair of speakers and be able to access the Time Machine for backups & accessing files.
    With Internet Sharing enabled, my iPhone can access the web, so I believe I have the sharing set up correctly. However, I can't see the Time Machine and my Airport Express just keeps blinking amber.
    Does anyone know what I might need to do to resolve this issue?
    Any help is so very very much appreciated!

    Thanks Kappy,
    I'm not sure you're exactly following me on this one, though. Here's what I've discovered on my own for anyone else facing the same situation I am:
    1. You /cannot/ use Airport Express while using Leopard's Internet Sharing.
    2. If you want to create a local network, in this situation, you'll need to use Time Capsule to establish the initial local network, then join the Airport Express into that network. At that point you can use Time Machine with Time Capsule, access it as a hard drive and use AirTunes with the Airport Express.
    But you cannot use the Sprint AirCard (and I assume any other similar setup) and your Mac with Internet Sharing to build the local network and then join the other devices to it. Unfortunately.

  • Issue with Internet Sharing

    Hey folks,
    Just wondering if anyone has encountered something like this. I'm using my imac to share it's internet connection wirelessly with several clients (not a perfect scenario i know) and the clients hog the bandwidth. I was wondering if theres a way to limit the bandwidth that is shared. For example. Have the host using 75% of bandwidth and clients using 25% between them.
    Any info would be greatly appericiated
    Cheers
    Nick

    I know that apple have released a rubbish version of mac that has problemos with internet sharing
    so here is da answer
    1. go to finder>(computer name)>macintosh HD>library>preferences
    2. copy the entire systemconfiguration folder and systemconfiguration.old folder to your desktop
    3. restart mac and device which you share intenet to
    then you have internet that is about 3x slower than the da 10.7.3 intenet sharing, but works
    then, just wait for apple to release da 10.7.4 fixed
    please use da steps!

  • Split DNS with internet sharing

    Hi
    I'm running a Mac mini as a server, with Internet sharing on its wifi. Since NAT'd addresses connecting to the machine's outside interface performs rather poorly, I was wanting to run some form of split dns for local domains - so connecting to, say, smtp and imap would hit 10.0.2.1 instead of the external IP.
    As it turns out, I'm already running two copies of named - one to serve the domains on the system (out of /usr/local), and the other one running Internet sharing through the /etc/com.apple.named.conf.proxy config file. Since my changes wouldn't "stick" in that file, running a separate copy seemed to make sense for me. But now I want to change the behavior of the named used for Internet sharing to give out different results. Has anybody figured out a way to do this that is sane (won't break on reboot/OS upgrade/etc)?

    Anybody?

  • Touble with Internet Sharing since latest Aiport Update

    Up to yesterday I was able to share seamlessly my internet connection on my iMac using built in airport as a router. Since the last update, every time I open internet sharing is running on my iMac while connected to the internet, sharing my connection from ethernet using Airport within 30 second of my iPod been connected to my Wireless signal my internet connection die, and can no longer access the internet with my iMac or iPod. The only way to get back my internet connection is to disable internet sharing in system preference.
    AirPort Card Information:
    Wireless Card Type: AirPort Extreme (0x14E4, 0x87)
    Wireless Card Locale: Worldwide
    Wireless Card Firmware Version: Broadcom BCM43xx 1.0 (5.10.38.27)
    Current Wireless Network: Airport
    Wireless Channel: 11
    Help

    Just to be clear,
    1. You are connecting fine on your iPhone (meaning that you have the 3 bars next to your Carrier in the top left of the screen)
    2. you can't access the internet on you iPhone
    Correct?

  • Wireless bridge with WPA

    I want to add my wireless interface wlan0 to a bridge br0. But
    brctl addif br0 wlan0
    doesn't support this operation. I searched online and tried with 4addr mode enabled. Then the above code works but my wireless NIC cannot associate with the AP using wpa_supplicant.
    Could anyone help me explain this? What's the relationship between wireless bridge, 4addr mode and wpa_supplicant?
    Any other solution which can add wlan0 to br0 and associate it with AP using WPA is also welcome. Thank you!
    Last edited by cyker (2012-11-23 21:00:01)

    Assuming you want to have the Wireless interface be the GW....
    Instead directly connect the wireless interface to the bridge device,
    You could use iptables to forward and NAT traffic between wlan0 and br0
    Something like.
    Connect to the wireless network like you normally would.
    Then I guess you have a network of VM's on the bridge?, so...
    echo 1 > /proc/sys/net/ipv4/ip_forward
    brctl addif br0 eth0
    brctl addif br0 tap0
    brctl addif br0 tap1
    ifconfig br0 10.0.0.1 netmask 255.255.255.0 up
    iptables -A FORWARD -i wlan0 -o br0 -s 10.0.0.0/24 -m state --state NEW -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A POSTROUTING -t nat -j MASQUERADE
    I used that config to route hosts connected to my eth0 interface to the Internet through my wlan0 interface. ( i.e. there was no 'br0' in the iptables config instead it was 'eth0')
    With that config, the Hosts on eth0, tap0, and tap1 will have their default GW be 10.0.0.1 and the Archlinux/router/computer/laptop in the middle will have a default gw of whatever the wlan0's GW is.
    Last edited by hunterthomson (2012-11-27 10:28:50)

  • Airport Express won't work simultaneously with Internet Sharing

    I just purchased two Intel-based iMacs (each with standard configuration including Airport cards), and 1 AX. I placed iMac #1 in Room #1 (near my cable outlet), iMac #2 in Room #2, and the AX in Room #3, along with powered speakers. Using an Ethernet cable, I connected iMac #1 to my cable modem (and its broadband internet connection). I then turned on Internet Sharing, so that iMac #2 now connects to the internet through iMac #1. I also placed the AX in another room and connected it to powered speakers. Here's the problem: Airtunes only works (i.e., the AX-connected powered speakers only show up in iTunes) when I turn off Internet Sharing. The powered speakers "disappear" from iTunes as soon as I turn Internet sharing back on.
    Is there any way to fix this?

    I assume that you are having this problem with iMac #1 which is doing the sharing... Perhaps this happens because iTunes will not cross subnets.
    Even though iMac #1 exists on both subnets (the Ethernet one and the one created by Internet sharing) it appears that iTunes is not using the subnet created by Internet sharing. Therefore it won't cross between the Ethernet subnet and wireless subnet.
    The solution is to get an inexpensive wireless router and use that instead of iMac #1 to create your wireless network.

  • Sending specific Vlan across wireless bridge

    Hello All,
    I would like to know how I can send a specific VLAN across a wireless bridge.  Currently, we have a building across the street from our main office that's connected via a wireless bridge (no physical cabling).  One of the switches in building 1 has a port in VLAN 206 (10.20.6.0/24) which connects to the wireless bridge (10.20.6.3) on that building.  The wireless bridge in building 2 is 10.20.6.4 and connects to a router on the same subnet.  So both bridges, the switch in building 1, and the router in building 2 are all on the same subnet.  I need to send VLAN 60 across this wireless bridge so that the workstations in building 2 can go out to the Internet.  As a side note, VLAN 60 is unrouted and is it's own subnet which has it's own firewall and web filter.  My thought on this is that if I can get the wireless bridges to send VLAN 60 to building 2, then all I would need to do is add the workstations to that VLAN on the switch in that building and all should be well.  I'm just not sure what I need to configure on the bridges and how building 2 should be configured seeing that the 2nd bridge connects to a router instead of a switch.  Any tips, suggestions, and help would be great!
    Thanks,
    Terence                  

    assume that i have two bridges Br-root , and Br-nonroot and i want to send traffic from multiple vlans across the wireless link, all you need to have is infrastructure-ssid on the native vlan. Then define the required subinterfaces on both radio and ethernet of root and non-root.
    Example: ( vlan 1 , 2 , and three )
    Root(config)#dot11 ssid test             
                     #authentication open
                     #vlan 1
                     #infrastructure-ssid
                    #exit
    Root(config)#interface dot11radio 0
                     #ssid test
                     #station-role root bridge
                     #no shut
                    #exit
    Root(config)#interface dot11rdio0.1
                     #encapsulation dot1q 1 native
                    #bridge-group 1
                   #exit
    Root(config)#interface dot11rdio0.2
                     #encapsulation dot1q 2
                    #bridge-group 2
                   #exit
    Root(config)#interface dot11rdio0.3
                     #encapsulation dot1q 3
                    #bridge-group 3
                   #exit
    Root(config)#interface fa0.1
                     #encapsulation dot1q 1 native
                    #bridge-group 1
                   #exit
    Root(config)#interface fa0.2
                     #encapsulation dot1q 2
                    #bridge-group 2
                   #exit
    Root(config)#interface fa0.3
                     #encapsulation dot1q 3
                    #bridge-group 3
                   #exit
    for the non-root , same config but the station-role should be non-root
    Enjoy

  • Problems with internet sharing/network connection/ethernet and XBOX 360

    So basically I have a sent my Mac Book Pro 13" (Snow Leopard) away to be fixed, and in return I got a loan Mac Book Pro 15" (Lion). In the two weeks my Mac book was away getting fixed I purchased an XBOX 360, because of my location I am unable to use wireless on my XBOX, so instead I connect the loan Mac Book to the XBOX 360 via network cable.
    This worked fine and I could now connect to XBOX Live and be on the Mac Book at the same time.
    So today my Mac Book (13") is returned, I connect everything up exactly the same also changing the settings on internet sharing making sure that it can be used to send the connection to other devices via ethernet.
    But it just wont connect.
    The XBOX doesnt find the connection like it did before, and it also doesnt register on the MAC Book either.
    I've tried different cables, the same cable I used where it worked before.
    I've tried turning of Virus protection.
    Both still at both ends it is not registering a connection, I have used this Mac Book before through a network cable so I dont think there is a problem there, to my knowledge everything is the same as I did on the other Mac Book but this one does work.
    Have you any advice or tips on how to get this to work?
    Thanks for your time.

    What I did to get my network running again (although I still haven't found out why DHCP has stopped working):
    1. Open the Control Panel of the computer that's trying to connect to the network (not the computer sharing the internet connection)
    2. Go to 'Network' panel, and select the AirPort connection
    3. Under the 'TCP/IP' tab, change 'Configure IPv4' pull-down menu from 'Using DHCP' to 'Manually'.
    4. Enter an IP address between 10.0.2.2 and 10.0.2.256 (I randomly chose 10.0.2.40), a Subnet Mask of 255.255.255.0, and enter 10.0.2.1 in the Router box.
    5. Click "Apply now"
    The computer should now be connected to the network, and able to access the internet. If not, you may need to manually enter a DNS server - put '4.2.2.1' (or an IP for a DNS server provided by your ISP) into the 'DNS Servers' box.
    You need to do that process for each computer you're trying to connect to the shared network, making sure you enter a different IP Address for each.

  • If you can't get web pages with internet sharing, do this.

    I could not find anything about this so I'm posting it for others, seeing as it took me a day to figure out!
    I set up a wired Bellsouth Ethernet Mini running 10.4 for internet sharing. I had a MacBook laptop to share the connection. The laptop worked with mail but Safari would not load web pages. It took all day but I realized that the laptop was not getting the DNS from the Mini.
    I found out the DNS numbers for Bellsouth and entered them (on the laptop) in the Airport TCP/IP box in Sys. Pref, Networking, "Show Airport" TCP/IP DNS box: 205.152.144.23. I'm told that 8.8.8.8 will also work (Google's public DNS server) but I have not tried it on the laptop but it worked with my iPhone.
    As soon as I put those numbers in there Safari sprang to life (on both laptop and iPhone) and worked great.
    I don't know why the Mini did not "share" the Bellsouth DNS address with the laptop. I hope this helps someone save a day of hair-pulling and frustration!
    Al
    www.ancins.com
    Message was edited by: al1776
    Message was edited by: al1776
    Message was edited by: al1776

    I've already done this, to no avail............

  • DHCP over wireless bridge

    I want to setup a wireless bridge going from a current network (siteA), to a new small network across the street (siteB). I have 2 Cisco 1131AG Access points. I have no need for any client access, only the bridge. I have the interfaces up and can ping across, however, no dhcp requests seem to come over the bridge. Where am I going wrong??
    [SiteA]
    dot11 ssid Cisco
    authentication open
    authentication key-management wpa
    guest-mode
    infrastructure-ssid
    wpa-psk ascii secret
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers aes-ccm
    ssid Cisco
    station-role root access-point
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 10.175.36.254 255.255.255.0
    no ip route-cache
    bridge 1 route ip
    [SiteB]
    dot11 ssid Cisco
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii secret
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers aes-ccm
    ssid Cisco
    station-role workgroup-bridge
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 10.175.36.253 255.255.255.0
    no ip route-cache
    bridge 1 route ip
    bridge 1 aging-time 120

    Have you tried configuring Site A as root bridge and Site B as non-root bridge.
    See this example:
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008058f53e.shtml

Maybe you are looking for

  • ITunes and Apple TV and purchased content

    I have a new 2nd gen Apple TV.  To test things out, I bought a couple of TV shows via the Apple TV.  Should I see those shows in iTunes on my computer? Conversely, if I have TV or Movie content on my computer that I bought via iTunes, should I see th

  • Website Translation

    Hi all My question is about how to make websites work in different languages. As I operate my business with customers throughout INDIA I need to present my website in several languages. How does this work? Once I have the text translated, do I have t

  • Flex to HTML

    I'm totally new to Flex I just want to know if I can send a value to a hidden HTML text input from flex?

  • RV042G fails to work with Public Wan IP when connected to Cisco SG300

    Am using a RV042G with a Fiber Optic connection terminated on WAN1 It was working fine untill received a new IP pool . When we configure with the ip on wan 1 and connect the SG300 the WAN Status shows connected but no internet connection. The wan ip

  • Cut and paste in all applications stopped working last week

    I'm running a 2.8GHz i7 and OS 10.9.2. Last week I noticed I could not copy and paste any text from any application - word, safari, firefox, excel, mail, notes. Nothing! I've got three accounts on my machine: mine, kids, and Guest. Copy and paste wor