Block all WAN private networks but still route

Hello. I am using an OpenWRT as a test network attached to my own personal LAN, and monitoring all traffic through it for testing the behavior of devices. Here is a basic map (I hope this doesn't get pwned).


I want to block MyLAN and allow access to the Internet.

Everything works currently, but I would like to broadly block all private networks from OpenWRT using LuCI, to make it easy to back up and restore settings from a single file. How would I make MyLAN transparent from the OpenWRT LAN but still allow routing from OpenWRT through MyLAN?

If you configured OpenWrt like in the above picture (10.10.10.0/24), you need to change it; you're likely to get duplicate IPs from MyLAN 10.10.10.0/16 (/24 is a subset of /16). Use something like 10.10.11.0/24.


+1 to @maurer's comment... overlapping subnets will break routing.

However, once that is addressed, routing should work.
Then, to block access from the devices to RFC1918 addresses, you create a rule:

drop (or reject)
all protocols
source zone lan
destination zone wan
destination addresses 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16

Yes, since 10.10.10.0/16 is not a valid network designation, that likely fouled up some things.

To get back to the premise of the original question, blocking the private IPs of your routers from guests does not cause a problem, even though they are gateways for the guests' path to the Internet. The blocking is based on the destination address in the packet. Routers holding a blocked IP can still be used as intermediate hops on the way to a permitted (Internet) destination.

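The following is an added example, not code from the thread or from OpenWrt: a small standard-library model of the two points made above. First, the overlap check (maurer's and psherman's warning) reports whether a candidate test-LAN prefix shares addresses with MyLAN, and whether a string like 10.10.10.0/16 is even a proper network designation. Second, a simulated forward decision applies the rule "source zone lan, destination zone wan, destination in RFC1918, reject" and reports the next hop separately, showing why a gateway whose own address is in a blocked range still carries packets to Internet destinations. The topology is assumed for the example (test LAN 172.16.50.0/24, MyLAN 10.10.0.0/16, MyLAN router 10.10.0.1), as is the rule name in the `/etc/config/firewall` stanza quoted in the comment.

```python
# Added example (not from the thread): a model of the two points made above.
#  1. A test LAN whose prefix overlaps MyLAN breaks routing, so check
#     candidate prefixes before committing them.
#  2. The forward rule "src zone lan, dst zone wan, dst in RFC1918 -> REJECT"
#     matches on the *destination* address, so a gateway whose own address is
#     inside a blocked range can still forward packets to Internet destinations.
#
# The rule as it would appear in /etc/config/firewall (written for this
# example; the rule name is arbitrary):
#
#   config rule
#       option name 'Block-RFC1918-from-testlan'
#       option src 'lan'
#       option dest 'wan'
#       option proto 'all'
#       list dest_ip '10.0.0.0/8'
#       list dest_ip '172.16.0.0/12'
#       list dest_ip '192.168.0.0/16'
#       option target 'REJECT'
from ipaddress import ip_address, ip_network

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def valid_prefix(prefix: str) -> bool:
    """True if `prefix` is a proper network designation (no host bits set).
    '10.10.10.0/16' fails this check, the objection raised in the thread."""
    try:
        ip_network(prefix)          # strict: host bits must be zero
        return True
    except ValueError:
        return False


def overlapping(a: str, b: str) -> bool:
    """True if two prefixes share any address; such a pair cannot both be
    directly connected to the same router without ambiguous routes."""
    return ip_network(a).overlaps(ip_network(b))


# Assumed topology for the simulation (not the poster's real addresses):
LAN_NET = ip_network("172.16.50.0/24")   # OpenWrt test LAN, chosen outside MyLAN
WAN_NET = ip_network("10.10.0.0/16")     # MyLAN, on OpenWrt's WAN side
WAN_GATEWAY = ip_address("10.10.0.1")    # MyLAN router, OpenWrt's default gateway


def zone_of(addr) -> str:
    """Zone an address belongs to: the test LAN, or everything else via WAN."""
    return "lan" if addr in LAN_NET else "wan"


def next_hop(dst):
    """Routing decision, made independently of any firewall rule."""
    if dst in LAN_NET or dst in WAN_NET:
        return dst                     # directly connected: deliver directly
    return WAN_GATEWAY                 # default route through MyLAN's router


def forward(src: str, dst: str) -> dict:
    """Apply the thread's rule to a packet the router is asked to forward.
    Only lan->wan traffic whose destination is RFC1918 is rejected; the
    next hop's address is never consulted by the rule."""
    s, d = ip_address(src), ip_address(dst)
    blocked = (zone_of(s) == "lan" and zone_of(d) == "wan"
               and any(d in net for net in RFC1918))
    return {"verdict": "REJECT" if blocked else "ACCEPT",
            "next_hop": str(next_hop(d))}


if __name__ == "__main__":
    print("10.10.10.0/16 valid:", valid_prefix("10.10.10.0/16"))
    print("10.10.10.0/24 overlaps 10.10.0.0/16:",
          overlapping("10.10.10.0/24", "10.10.0.0/16"))
    for dst in ("8.8.8.8", "10.10.5.7", "10.10.0.1", "192.168.1.10"):
        print(f"172.16.50.20 -> {dst}: {forward('172.16.50.20', dst)}")
```

Run `overlapping()` against whatever prefix you intend to give the test LAN before committing it; the forward simulation then shows the packet to 8.8.8.8 accepted with next hop 10.10.0.1, while packets addressed to 10.10.0.1 or any other MyLAN host are rejected.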