[tonym]

I have a linksys wrt400 which i successfully installed dd-wrt on. This linksys connects to a netscreen 5 GT via one of the LAN ports. The NS 5 GT is connected to the Internet. Behind the NS 5 I have the corporate LAN wiht IP range of 192.168.75.0/24 with a DHCP server sitting on that network. I would like to create a guest wireless network on a different subnet, say 192.168.100.0/24 so that the 2 networks cannot pass traffic to each other but both need to access the internet. I've followed the articles on "separate lan and wlan" and the "Wireless Access Point" but I'm unable to get traffic from my wireless clients to the internet. The only firewall commands I added from the first article are these as I'm not sure which ones are really needed.:
iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu


Any help is appreciated. thanks

[phuzi0n]

Use the firewall commands that say they're for WAP's as the guide instructs.

[tonym]

I added the following 2 commands and still no luck. My WAN port is disabled and the uplink to my NS 5 is plugged into port 1 of my linksys. the light is on.

iptables -I FORWARD -i br1 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -m state --state NEW -j DROP


iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`


in basic setup, which IP address do i enter for gateway and DNS? I've tried the private IP of the NS and teh Public IP of the NS. Sorry just confused!

[phuzi0n]