Posted: Sun May 27, 2018 21:39 Post subject: Unbridged Guest Wifi on a secondary router
For my home network I have my main router with WAN access in my living room, a managed switch in a utility room, and another router in the basement (no WAN connection). Both routers are connected to the switch, and all 3 devices have devices connected to them.
For my main wifi, I have both routers broadcasting to get the most amount of coverage
I am in the process of trying to setup an unbridged guest wifi network and I would like to broadcast from both routers as well.
The main wifi is working fine, but the secondary has no route to the internet.
Anyone have any tips on getting this setup? I think I need to setup tagging for the guest VLAN on both the basement router and managed switch to route to my primary router, but I don't know what to setup on my primary router.
Hi, as I am trying to achieve the same as bqq100, that's why I am posting in this tread. I followed the instructions in this thread but cannot seem to get it to work.
My setup is as follows:
• two R7000s connected LAN-LAN
• both devices are running the DD-WRT v3.0-r37015M kongac 09/23/18 firmware.
• the primary R7000 (1st floor) functions as a router, WAN-port is connected to modem.
• the secondary R7000 (3rd floor) functions as access point.
The goal is to run two separate wireless networks on each router:
• Private wireless network (wl0 & wl1), two different SSIDs
• Guest wireless network (wl0.1 & wl1.1), two different SSIDs, traffic is routed through a VPN
I would like to do the same thing for the secondary R7000. Following the instructions in this thread, I cannot get internet access via wl0.1 and wl1.1 on the secondary R7000.
• IP of device is 192.168.178.2
• DHCP is OFF
• Private network on wl0/wl1 is working as expected.
• I have no VPN setup on the secundary R7000 (lets first get internet connection on wl0.1 and wl1.1)
• Guest networks setup as:
○ Interface wl0.1: IP 10.0.30.1/255.255.255.0
○ Interface wl1.1: IP 10.0.40.1/255.255.255.0
To keep it simple I only experimented with the wl0.1 interface.
Adding the Firewall rules (as described in this thread) and rebooting the device, it does not give internet connection on wl0.1:
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to $(nvram get lan_ipaddr)
iptables -I FORWARD -i wl0.1 -d $(nvram get lan_ipaddr)/$(nvram get lan_netmask) -m state --state NEW -j REJECT