Guests WiFi on main router and dumb ap

Installing and Using OpenWrt Network and Wireless Configuration
1

I have two OpenWRT devices: my ISP router and a TP-Link router that I use as a dumb ap in my living room.

I want to setup 3 wireless SSIDs on both my devices:

  • Trusted Network 2.4GHz (10.1.0.0/20)
  • Trusted Network 5GHz (10.1.0.0/20)
  • Guests Network 2.4GHz (172.16.0.0/26)

The trusted network works perfect (both devices) but I cannot figure out how to make the guests network work. I have two DHCP servers on my main router for its SSIDs but how can I use the second DHCP server (for the guest network) also for my dumb ap?

I also want to use my DNS (Pi-hole) for the guest network.

How can I achieve all that?
Thanks in advance.

2

router - https://openwrt.org/docs/guide-user/network/wifi/guestwifi/guest-wlan
AP - https://openwrt.org/docs/guide-user/network/wifi/guestwifi/guestwifi_dumbap

1 Like
3

Sorry, I submitted the thread accidentally while writing it.

4

This guide involves the use of the firewall that I disabled on my dumb ap. Should I re-enable it?

5

there might be a way to do it using VLANs, but I'm not export, I have a completely dedicated router serving my IoT (same as guest lan, no LAN access) devices.

this could be helpful too Guest network on dumb AP with VLANs - #4 by darksky, esp the last video.

6

With vlans it is possible to extend the guest vlan from the router to the dumbAP. However it may not be worthy the trouble and you can live with having a DHCP server on the dumbAP for the guest network.

Advertise it from DHCP option 6.

1 Like
7

The problem of having two different DHCP servers on the router and the dumb ap I can imagine is that the wifi roaming will not work work correctly.

I'm enough techy to be able to tinker with vlans if it's necessary.

And for the DNS, my Pi-hole is on the main subnet (10.1.0.0/20) and it seems that I cannot use it from a different (guests) subnet (172.16.0.0/26).

8

If roaming matters to you, then you'll have to setup the vlans.
As for the PiHole, it is not a problem that it lies in another network. Add a firewall rule to allow udp/53 from guest to lan pihole and configure pihole to listen to all origins.

9

Got it, aaaand how to setup the vlans?

My dumb ap is connected through a managed switch to my main router.

10

There is a guide in the wiki.

1 Like
11

And what point applies to my case?

12

#4 as it opens directly from the link.