Posted: Mon Apr 19, 2021 9:07 Post subject: Home network DD-WRT Access Point with Firewall
I would like to isolate some devices on my home network from Internet access (inbound & outbound) and I cannot achieve this using my current setup:
1. Huawei GPON Terminal with ISP installed framework installed
1.1. Firewall settings blocked by ISP
1.2. This is the main device transforming the fiber optic signal
2. D-Link DIR-879 setup as Access Point connected via LAN cable to the GPON
2.1. Firewall settings disabled if not in router mode
I would like to know if i buy a new inexpensive router (DD-WRT supported ofc) and install DD-WRT, would i be able to achieve the following setup
1. Setup the new router as an access point, connected to the GPON with a LAN cable
1.1. Does the router have to support an "Access point" mode, i.e. with a phisical switch to toggle between router/extender/AP or can DD-WRT handle this via software ?
2. DD-WRT: Setup firewall rules to block internet access for certain IPs/MACs
2.1. The DD-WRT Access Point setup mentions to disable firewall rules (Normal Version (Same Subnet) => section when running in AP mode
It only works when you daisy chain the router so connect to the WAN of your secondary router where that router is on its own subnet.
There is an exception if you create an unbridged VAP on the WAP (or unbridge one of the ethernet ports) and put that on its own subnet then traffic will hit the firewall also but effectively you have the same situation i.e. a different subnet.
For some examples see my personal notes (slightly outdated) see paragraph about a VAP on a WAP
I transferred this thread to the appropriate Advanced networking forum.