Configuring an OpenWRT Switch to work with SSID VLANS on a UAP-AC-PRO

Network setup: https://fossjon.wordpress.com/2021/02/05/home-networking-upgrade-unifi-uap-ac-pro-ufos/

On the OpenWRT Switch page, I have set LAN port 1 (along with a backup LAN port 2 but you can just use a single port) as the VLAN trunk port (tagged) to allow it to carry the traffic through to the VLAN access ports (untagged) [home = VLAN 3 && guest = VLAN 4]. This will create the sub-interfaces eth0.3 and eth0.4 which will contain the separated ethernet Layer 2 traffic from the WiFi clients (ARP, DHCP via dnsmasq, mDNS, etc).

Note: Make sure to tag the CPU along with the LAN ports and ignore the untagged VLAN 5, I’m using it as an isolated management network (firewalled off with iptables at Layer 3).

Linksys WRT32X Switch Setup:

You can then go to the Networks section in the UniFi AP Site configuration and add a VLAN-Only Network (set the ID to 3 or 4) and then on the Wireless page create an SSID which uses that Network Name in the WiFi settings.

Note: To achieve a similar setup on a OpenWRT AP, you can use the WAN port tagged on those same VLAN numbers and then on the Interfaces page create an unmanaged interface type from the related VLAN sub-interface listed – this interface can then be assigned to the SSID network under the Wireless networks page.