I am trying to set up a secondary router to be used as a dedicated IoT network (wired and wireless). I would like to allow communication (i.e. http, ssh, etc.) from devices on my main network to my IoT network but prevent communication from devices on the IoT network back to my main network.
Topology
Given the above, I would like to be able to make a connection from PC1 to PC2 but not the other way around.
Main Router (WRT3200ACM) Configuration
Secondary IoT Router (WRT3200ACM) Configuration
I have disabled the firewall on this router completely.
Some additional details.
- From PC1 I can ping the IoT interface (192.168.1.1)
- From PC1 I can ping the IoT router (192.168.1.2)
- From PC1 I can access the LUCI interface and SSH to the IoT router (192.168.1.2)
- From PC1 I cannot ping the IoT router LAN interface (10.0.0.1)
- From PC1 I cannot ping any devices on the IoT network (10.0.0.*)
I feel like I'm missing one small detail somewhere but can't figure out what it is. Possibly something with the static route? Maybe I shouldn't be using VLANs here? I can share the raw configuration values if that's useful, just ask. Any help is appreciated.