Joined: 07 Nov 2020
|Posted: Sat Nov 07, 2020 13:16 Post subject:
i didn't want to start a whole new Thread because what discussed here fits perfectly to my problems! I hope it's ok if i do it this way. First of all, English is not my native language so please excuse possible grammatical errors
Ok lets start:
My Setup: (both Wrt3200ACM b:40559)
A "WRT3200ACM(1)" configured as a "Client-Bridge(Routed)" -> which connects to another "WRT3200ACM(2)" which is configured as a "AP" (connected with cable to the Main-Router), this all happens on 2,4ghz band!
additionally i enabled an Access Point on the "Clientbridged-WRT3200ACM(1)" which happens on the 5ghz band!
Up to this point everything works fine!
All connected devices (no matter if cable or wireless) are in the same Subnet as the Main-Router and have access to the Internet!
And now my problem:
What i want to do is:
Configure the 5ghz AP(ath0) on the "ClientBridgedWRT3200ACM(1)" like a "GuestNet" with a seperate Subnet!
I did this 2 ways without success
First try was to configure a "VirtualAccessPoint(ath0.1)" at the 5ghz Band.
Configured like in the "DDWRT-GuestNet" Guide!
- Added a "VAP(ath0.1)"
- Set to Unbridged
- Enabled Nat/Masquerade
- Enabled AP-Isolation
- Enabled Forced DNS Redirection
- Added the needed IP's
Next Step under "Services->Dnsmasq->Add.Opt."
added the DHCP orders according to my 5ghz device and VAP IP!
third step was under "Administration->Commands"
I set up the firewall rules to give internet access to the "VAP"
iptables -I FORWARD -i ath0.1 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -m state --state NEW -j REJECT
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`
Saved all the Configuration and rebooted the Router.
So what happens now is: I can connect to my VirtualAccessPoint and i get the specific IP & the specific Subnet as configured above.
BUT: no Internet!
If i connect to the 5ghzAP(ath0) i have Internet access. Ive spend a lot of time to solve the riddle but i really dont get it
The second try was to configure the Setup with adding Bridges and Assignments which led me to the same Result: I can connect to the VAP with the right IP and Subnet, but without Internet Access.
This whole thing (guestnet) works if the WRT3200ACM(1) is connected via cable to the Main-Router. But if configured as "ClientBridge" i only can access Internet when AP is bridged.
I hope that what i wrote is anyhow understandable
in advance: Thanks for your help!!!
Additional Info: I know that the right configuration for a Client-Bridge Setup is to change the Advanced-Routing from "Gateway" to "Router". In my case in need the "Gateway" configuration for having the NAT/Masquerade options. Maybe this is the Problem what pretends the Setup from working as it should?!