R7200_User DD-WRT Novice
Joined: 29 Sep 2022 Posts: 7
|
Posted: Sun Nov 26, 2023 3:36 Post subject: Proper way to isolate Chromecast on its own VAP? |
|
I've done my research on this topic, well in advance, but wanted to confirm with the DD-WRT community that my approach is technically correct so that I am not opening up my router for undue access.
Basically I want to isolate Chromecast on its own virtual AP. There has been a scant few postings about this going back to 2016 but nothing definitive in terms of the recently added mDNS support for DD-WRT. The EdgeRouter has some definitive info (https://www.cron.dk/edgerouter-and-chromecast).
br0 = My main LAN
br3 = My new VAP
From what I've pieced together I should do this:
1) Service, mDNS
Resolver = Enabled
Doman name = Local
Reflector = Enabled
Interfaces:
br0 (main LAN)
br3 (Chromecast VAP)
2) Add these terms to the firewall to route the DIAL packets and the multi-casts:
iptables -I INPUT -t filter -i br3 -p udp --dport 5353 -j ACCEPT
iptables -I FORWARD -t filter -i br3 -p udp --dport 1900 -j ACCEPT
3) I'm presently not sure about AP Isolation and Net Isolation, in terms of Chromecast, but I hope to fiddle with those VAP parameters when I get this working. |
|