Goal
Configure different routing targets (WANs) for different internal interfaces (Zones).
Circumstances
- I want to separate Guest devices from my (own) private local network, i.e. want a separated guest network.
- I want to route the majority of the traffic through a VPN wan, with some exceptions. Exceptions shall apply for the private network only. These exceptions shall be routed through another wan port (standard internet service provider).
- I therefore set up two wan interfaces (`wan` and `wan_2`) and two lan (`LAN` and `LAN_guest`) interfaces.
  - firewall allows access for `LAN` to `wan` and `wan_2`
  - firewall allows access for `LAN_guest` to `wan_2` only
  - default route for both lans is `wan_2` i.e. the VPN route.
  - I configured exceptions (access targets not through VPN) via luci `Static Routes`
This works fine for the private network.
The issue is that devices in `LAN_guest` now cannot access the resources for which I configured the above-mentioned exceptions.
What is the best way to allow guest devices in `LAN_guest` to still access resources (via `wan_2` now)?
Google found topics such as policy based routing or source based routing. I am not sure how to configure this with LEDE. Do I need to configure `Traffic Rules` or `Custom Rules`?
Many thanks in advance