Hello and happy Holidays everyone.
I have used OpenWrt for a couple of years. Now I got my hands on a cheap pfsense-box. I want to add the firewall into my network.
This is my working network at the moment:
I have my ISP-router, then a cable into the WAN-port of my OpenWrt-router (Archer C7 V2.0). Then I have three networks: the normal LAN with a WIFI bridge, a network for IoT devices and a network for guest devices with a WIFI bridge.
Devices in the IoT network and the guest network can't reach anything but the WAN. (Blocked by firewall rule).
It was important to me that those clients are isolated from the rest of the network.
I have two ideas how to incorporate the firewall into my network.
Number 1
With a transfer network between ISP-Router and OpenWRT-router:
Number 2
With the pfsense-box in the same network as the OpenWRT-router and set the pfsense-box default gateway:
I tried number 1 and disabled masquerading on the WAN in OpenWRT. Then I connected the WAN-Port of the OpenWRT-router to the LAN port of the pfsense-box and the WAN port of the pfsense-box to the LAN port of my ISP-router.
But that doesn't work.
I guess I need to set static routes.
I also considered number 2 because it looks a lot cleaner to me, but I do not know if I can isolate the IoT and the guest network hosts from the LAN (192.168.1.0) that way. And I want to keep them isolated.
Can someone help me with the setup? Preferably in LuCI when possible. Thanks in advance!