Posted: Wed Dec 29, 2021 19:19 Post subject: Isolate traffic from wireless extender on second subnet?
I am running a Linksys WRT1900 and wanted to add another device to host a ton of IoT devices. I have a spare Tenda router that I have setup as a repeater. I am only given the option of WISP or Client+AP. I figured WISP would be best as I am running out of IP addresses (part of the reason for doing this).
I am wanting a way to block the Tenda from accessing the local network hosted by the Linksys.
Linksys is running 0.x and Tenda is 10.x if that helps for any rules.
Is it possible to have the Linksys filter all of the traffic since the Tenda seems to lack any kind of way to isolate (that I can see)?
Ideally I'd like to be able to access both networks from the Linksys side (and internet) and the Tenda should only be able to access it's own network (and internet).
Edit - just realized the Tenda can run Tomato, but seems to lack a dedicated repeater mode.
Then setup the vap network to host all of your IOT and whatnot... then it can control through iptables what access things have and if you want access one way or another...
P.S. It sounds like you are either only depending on dhcp (which you can increase) If you do shorter leases you can effectively gain more... otherwise change your netmask to be like 255.255.0.0 (meaning that you are opening up from ~255 ip addresses per network to ~65536 addresses)
What I would do is set up dd-wrt to have a regular wireless network, and then add a vap
I have considered that, but wasn't sure how much of an impact that would have on the main wireless network.
You are correct about the DHCP setting - never really needed more before, but with so many smart lights and switches things are getting out of control - Part of why I wanted them to all run on their own device.
I have 2 WRT1900's and one WRT1200 so I could also do something to bridge those instead of the Tenda.
It seems first thing is getting the vap working correctly. I actually recall trying to do this on my router at work and it took many attempts before it actually worked correctly. All goes downhill when trying to get the multiple dhcp to work I believe.
Joined: 04 Aug 2018 Posts: 1374 Location: Appalachian mountains, USA
Posted: Sat Jan 01, 2022 16:28 Post subject:
One more resource: My notes on setting up a VAP are the third post at https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1217070?start=3 _________________ 5 Linksys WRT1900ACSv2 routers on 50474: VLANs, VAPs, NAS, client mode, OpenVPN client (AirVPN), wireguard servers (via AirVPN port forwarding) and clients (AzireVPN and AirVPN), 3 DNSCrypt DNS providers via VPN clients.