Posted: Mon May 21, 2018 17:56 Post subject: Net isolation on secondary router
Having some trouble getting a guest wireless network running on an RT-AC66U_B1 running 35034. I am trying the "old" version on this guide ( https://www.dd-wrt.com/wiki/index.php/Guest_Network ) because the "new" steps didn't appear to work on in router mode (with wan port used as LAN).
Currently, the bridged guest network does not receive internet connection.
iptables -t nat -I POSTROUTING -o get_wanface -j SNAT --to nvram get wan_ipaddr
iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP
iptables -I FORWARD -i br1 -d nvram get lan_ipaddr`/nvram get lan_netmask` -m state --state NEW -j DROP
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to nvram get lan_ipaddr