Posted: Tue May 14, 2019 18:16 Post subject: Guest WiFi with different Gateway?
I use two DD-WRT Routers as WiFi-access points in my house. The gateway to the internet is a dedicated opnsense firewall though, which also does DNS and DHCP.
I would like to configure a guest network, but I am unsure as to where I even start in my case. I can configure a virtual interface wl0.1 very easily, but how do I route this to the firewall on a different vlan on the same cable? Are there tutorials for this case out there?
Thanks for your reply! Unfortunately this does not seem to work, but maybe I am doing something wrong here:
(note that my dd-wrt is in german, so I might be translating some things differentley here) I set up a virtual interface wl0.1:
SSID Broadcast enabled
AP Isolation disabled
Network configuration bridged
Then I save the two iptables commands into the firewall section under administration > diagnosis
and finally reboot the router.
The result is a working guest network, but with full access to the local network. If I understand the iptables command correctley, this only works, if the router is also the gateway, because it does NAT?
Also DHCP clients get the local dns-server which would/should be blocked by the iptables, right? I do not think the opnsense firewall which does the DHCP could differ between clients on guest or private network.
Do I need vlans now? (I hope not, as I do not have a lot of experience setting vlans up)
Last edited by RockNLol on Tue May 21, 2019 10:08; edited 1 time in total