Hello. I am very new to OpenWRT and am using it with LUCI on a TPLINK RE450. I have been trying to follow this guide to setup a secure guest wifi.
It all works except for the blocking of devices on the guest wifi from seeing any other devices on my network. They can all see the devices on my main home network that has the IP address range 192.168.11.x. This would suggest the last firewall rule in the guide is incorrect.
How do I stop devices on the guest wifi from being able to see any other devices on the network and have only Internet access?
Thank you in advance.
shouldn't destination zone be lan ?
or is the uplink port configured as wan, on the 450 ?
Maybe also set Protocol to Any.
I have the 5ghz wifi interface connected to my wifi network to provide the connection to the internet. The 2.4ghz wifi interface is provding the guest wifi connection for devices. I hope that makes a bit more sense.
I don't want any devices on my network to be visible to those on the guest wifi.
I've given this a go. Sadly I can still access any device on my network with a 192.168.11.x IP address.
Set only these:
- Source zone: guest
- Protocol: check all of them. If you only block TCP and UDP, pings (ICMP) will still go through.
- Destination IP: 192.168.11.0/24 or even 192.168.0.0/16
- Destination zone: Any
- Action: Drop or Reject
If you block all 192.168.0.0 IP, this rule needs to be lower in the list than the ones that allow DNS and DHCP.
Thank you. That appears to be working great!
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.