Connect to a device on a different network

I have a router with OpenWrt with two interfaces configured, the main network and the guest network. They are isolated from each other so trying to connect to an IP of the guest network from the main network won't work and vice-versa.
The firewall rules are defined as such:

Let's stay the main network is 192.168.1.0/24 and the guest network 192.168.2.0/24.
There's a device on the main network that I would like to be accessible from the guest network. My first idea was to have a fake/virtual IP, 192.168.2.199, that would redirect all traffic to this device with the IP 192.168.1.199. I tried creating some NAT rules and firewall rules but that didn't work.

Is this even possible without some crazy rules? Or there's better way to do this (maybe make the device belong to both networks?)

Extra info: the IPs are assigned via DHCP to the devices on both networks except this device which has a static IP.

Looking for your tips :slight_smile:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
1 Like

All you need to do is create a simple traffic rule that has:

  • protocol: probably TCP and/or UDP, depends on the type of traffic
  • source zone: glan
  • destination zone: lan
  • destination address: address of the shared resource
  • optional destination port: port number for the shared resource's server functions
  • target: accept

From there, a device on the guest network should be able to reach the specified device on the lan -- this will be done via the IP address (i.e. 192.168.1.4)

1 Like

Omg it was so simple. I was overcomplicating it with more elaborated rules. Thank you :slight_smile:

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.