I asked ChatGPT to guide me through configuring OpenWrt on Fritzbox 4040.
I need to create separate networks from my main network for guests and IoT devices. These networks should be isolated from the main network—or rather:
I need to be able to access the secondary networks from the main network.
Devices on the secondary networks should NOT be able to access the main network.
Network layout:
Main network: 192.168.1.1
Guest network: 192.168.2.1
IoT network: 192.168.3.1
I followed the AI’s instructions step by step, but it’s not working:
I cannot access the secondary networks from the main network.
I’m not confident that I configured everything correctly, especially regarding isolation and firewall rules.
I would really appreciate step-by-step guidance or examples of correct firewall and interface settings to achieve this setup.
Don't trust AI to give you the right recipes. As a result of this, simply reset your device to defaults and start over. Do this one network at a time so you can prove it works (easier to debug rather than situations with multiple/compounded mistakes).
Please use a search engine and the buildin search of the forum first.
This topic hits this forum on a regular basis. There is nothing new. Nothing complicated. No config chances in ages yadda yadda yadda. I simply don't get why modern users seams to be unable to search and think on their own for literally 10 min.
If you want to make any substantial contributions then check the wiki too and add missing parts.
But bla bla Output of a tripping Markov chain does not help anyone.
Furthermore, it helps nobody if the same bogus config snippits are reposted every time. Explain WHAT needs to be done and HOW can it be done.
Dear, don’t get upset — I completely understand what you’re saying.
I removed the part that could confuse other users.
The search engine is useful only if you know what to look for — keywords, etc.
The terminology used in network configurations is broad and quite difficult .
“Isolate guest Wi-Fi OpenWrt ” would be better and more understandable for those who are looking for that feature.
You take for granted that it’s protected from the rest of the network because it’s obvious to you — just like there are many things in the field of graphics that are obvious to me but not to you.
Anyway, I’ve solved the issue, thank you all.
Isolation is generally implied for a guest network. But just in case that assumption isn't shared among all readers, the following can be found in the linked wiki article:
Guest Wi-Fi refers to a separate wireless network that provides Internet access for guests and/or untrusted devices while keeping them isolated from the main network
And when I run a Google search, the 2nd result shows the same article I linked above (a Reddit post has the top spot).
@psherman You say that isolation is implicit in a guest network, but if this topic keeps coming up so often, there must be some kind of issue somewhere.
The Reddit post is at the top simply because it contains the word “isolate” , which is exactly what people are looking for — they just don’t realize that it’s supposed to be implicit.
The topic of a "guest network" keeps coming up. Largely because people don't use search.
I think most users understand that the intent of a guest network (in most cases) is for it to be isolated.
Actually, that reddit post is to isolate guest clients from each other. That is to say that if you have two users who both connect to the guest network, their devices will not be able to connect to each other. That is a slightly different situation than isolating the guest network from the main trusted lan. The guest device isolation (from other guest devices) is something that can be done in addition to the guest/trusted-lan isolation (although there are also some nuances of guest device isolation, specifically when using multiple APs).