the_dog DD-WRT Novice
Joined: 29 Jan 2017 Posts: 22
|
Posted: Thu May 09, 2019 20:37 Post subject: Optimal setup for Internet network shared across 2 subnets |
|
Hello,
I want to know if my network setup is optimal. I need an internet connection shared to 2 subnets fully isolated from each others.
I'm using 2 WRT-1900ac routers that I used to configure using this guide.
The only difference in my scenario is that my 2 routers are connected to each other using WIFI instead of an ethernet cable, using Client Mode on the second router.
Both subnets had access to Internet, and I thought that both subnets were isolated because I wasn't able to ping clients from different subnets.
But today I realized that I was able to access a Google Home device on the main router subnet from a client in the second router subnet.
So I changed the network setup and used the Kong guide to create an hidden guest network over WIFI just for the second router.
Main router
WAN: DHCP from ISP
Local: 192.168.1.1
Virtual Interface on the 5ghz radio
Unbridged
Masquerade / NAT enabled
Net Isolation enabled
Interface IP: 192.168.2.1
Operating Mode: Gateway
Second router
WAN: 192.168.2.2
Local: 192.168.20.1
Client mode on the 5ghz radio, using the guest network infos
Virtual interface on the 5ghz radio (bridged, just to also broadcast a 5ghz wifi for the second network)
Operating Mode: Gateway
Seems to work fine, however I realise that clients under the second router are now being double NAT-ed uselessly by the Guest network.
Will this cause problems somehow? Speedtests and pings doesn't seem to be affected.
Should I revert to my initial setup and just add some firewall commands to truely block clients from other subnets? If so, how should I proceed?
Should I be doing WDS between the routers instead of using Client Mode?
Thank you! |
|