Hi, my plan is using a AP. I have installed openwrt on a Unifi AP AC LR and want to do the following.

  • AP SSID for internet and LAN access
  • separate AP SSID for IoT without Internet access (for IoT devices to communicate with Homeassistant) within a management VLAN (Same physical connection via ethernet as the above wifi connection)
  • I also want to put all access such as WEB/SSH into the management VLAN.

This must still allow LAN access and DHCP etc for the main SSID with internet access.

Is this possible to achieve?


Yes, this is possible in general. However, the AP-AC-LR only has a single ethernet port. So, if you need any wired computers on the LAN (or any of your VLANs), you need to have a managed switch that will connect to that ethernet port so you can 'break out' the WAN and your VLANs on different ports.

Sorry im not sure you understand me correctly.

I want 4 wifi interfaces

Wifi 1 5G
Wifi 1 2.4G
Wifi 2 5G
Wifi 2 2.4G

I want both wifi 1 interfaces and the management interface with web access in vlan 1

Then I want the other wifi 2 interfaces in vlan2.

So, i will trunk both vlan1 and vlan2 over the sinlge eth0 port on the unify. Then direct them appropriately when they reach the switchport trunk to the access ports in the assigned vlans.

Is this possible?


So my question is

Do I create 2 bridges and assign all interfaces to each bridge then tag each bridge?

