Guest WIFI that allows Internet to local Network

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
ymurawski
DD-WRT Novice


Joined: 30 Jan 2018
Posts: 5

PostPosted: Fri Sep 14, 2018 20:57    Post subject: Guest WIFI that allows Internet to local Network Reply with quote
Hi guys,
i need some help.

What i want is, that the Guest Wifi i created (br1 with 192.168..2.xxx) can connect to Internet and to my normal local Network devices which are connected to br0 192.168.1.xxx

I want that because the Guest network is not for guests but its a own network who isnt using the vpn client.

I already got i to work that the Guest network can connect to Internet, but i cant access to my local network devices wich are in 192.168.1.xxx

This is my Firewall script, hopefully somebody can help me Very Happy




iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT

WAN_GTWY="$(nvram get wan_gateway)"
WAN_IF="$(nvram get wan_iface)"

ip route add default via $WAN_GTWY dev $WAN_IF table 10

ip rule add from 192.168.1.200 table 10
ip rule add from 192.168.1.201 table 10
ip rule add from 192.168.1.202 table 10
ip rule add from 192.168.1.203 table 10
ip rule add from 192.168.1.204 table 10
ip rule add from 192.168.1.205 table 10
ip rule add from 192.168.1.206 table 10
ip rule add from 192.168.1.207 table 10
ip rule add from 192.168.1.208 table 10
ip rule add from 192.168.1.209 table 10
ip rule add from 192.168.1.210 table 10
ip rule add from 192.168.2.1/24 table 10

#----------------------------------------------------

iptables -I FORWARD -i br0 -o tun1 -j ACCEPT
iptables -I FORWARD -i tun1 -o br0 -j ACCEPT

iptables -I FORWARD -i br0 -o vlan1 -j DROP

iptables -I FORWARD -i br0 -s 192.168.1.200 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.201 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.202 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.203 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.204 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.205 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.206 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.207 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.208 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.209 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.1.210 -o vlan1 -j ACCEPT
iptables -I FORWARD -i br0 -s 192.168.2.1/24 -o vlan1 -j ACCEPT

#iptables -I INPUT -i tun1 -j REJECT
iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE
Sponsor
jxm
DD-WRT User


Joined: 23 Jul 2017
Posts: 348
Location: Brisbane, Australia

PostPosted: Sun Sep 23, 2018 11:38    Post subject: Reply with quote
Go to your wifi settings. In the section for the virtual onterface, against the Network Configuration item, select the Bridged option.
Click the Apply button.
Delete all the firewall rubbish and any other stuff you added.

Job done.

Cheers.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum