Posted: Mon Jun 13, 2022 12:32 Post subject: [SOLVED] Guest Network with dnsmasq + PI-Hole
There may be better ways to do this but the Guest network information seems to be a bit obsolete in the Wikis.
I had set this up a few years ago and it had been working up until late and it may be tied to the upgrade to firmware version r48646 which I am currently running in an R7000.
My hardware setup is using a Pihole for DNS and DHCP so DHCP is turn off on the R7000.
My configuration is I have a Virtual interface setup for the Guest network, Unbridged with Net Isolation and Forced DNS Redirection with an optional DNS target IP (for the Guest Network DNS).
Under Setup/Basic setup Use DNSMasq is checked.
Under Services DNSMasq is enabled.
I use these commands for Additional DNSMasq Options:
dhcp-range=wl0.1,10.0.10.1,10.0.10.10,255.255.255.0,1440m
dhcp-option=wl0.1,3,10.0.0.1
dhcp-option=wl0.1,6,10.0.0.1
interface=br0,wl0.1
When a guest try's to connect the guest gets a correct IP address so that is being assigned but has no internet access which is the fundamental issue.
As I said before this method used to work but does not now.
Any help appreciated and if there is a better way to do that would be great.
Thank you.
The issue I found with the wiki link method listed (Guest Wi-Fi Abuse Control for Beginners) is if you Disable in Setup/Basic setup the DHCP server in DD-WRT then if you add another Multiple DHCP server from the Setup/Networking section it does not work so that method fails. That is why I had to use the DNSMasq method at the time.
Joined: 18 Mar 2014 Posts: 12915 Location: Netherlands
Posted: Mon Jun 13, 2022 13:34 Post subject:
I never tried it but even when DHCP is off you should be able to setup a DHCPD server if DNSMasq is enabled.
At least when using the router as a WAP that is possible.
Of course the VAP should be unbridged.
See my attached notes how I do it (but I do not have the DHCP off at setup page)
Or is this router setup as a WAP (Wireless Access Point with WAN disabled etc. ?)
The issue I found with the wiki link method listed (Guest Wi-Fi Abuse Control for Beginners) is if you Disable in Setup/Basic setup the DHCP server in DD-WRT then if you add another Multiple DHCP server from the Setup/Networking section it does not work so that method fails. That is why I had to use the DNSMasq method at the time.
no one told you to disable the dnsmasq dhcp server on the router.
In fact the router and the Pi-Hole use dnsmasq as DNS forwarder and DHCP server.
So there is no advantage at all if you disable DHCP on the router because the Pi-Hole uses the same DHCP server anyway.
And I sent you two links how to configure it and how it works without problems.
I have it myself running as shown in the two links with isolated Guest VAP's and they work without problems.
but i'm sure you can find another solution that works.
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Mon Jun 13, 2022 15:53 Post subject:
That page I used to setup unbridged VAPS both AP/NET Isolated with Internet access and I can confirm it works, since heck I followed it and its working here.