I have created a Guest WiFi for my IoT things by following standard procedure outlined here: https://oldwiki.archive.openwrt.org/doc/recipes/guest-wlan-webinterface
It works fine and my dodgy Chinese stuff is not allowed to be near my internal network. I have one Raspberry Pi currently on Guest WiFi (192.168.3.100) that I would like to SSH to from my Home computer (192.168.0.100).
Basically, I want to route port 22 between Rpi@192.168.3.100 on Guest WiFi and computer@192.168.0.100 on my Home WiFi. Client isolation is turned on (if that makes any difference).
Is there anyone who can give me a hint on how to do this?
Thanks, but this would basically bridge guest LAN to home LAN. There is no point of having Guest LAN if everything is open in-between. I only want to open port 22 between one IP on Guest and one IP in LAN.
OK, thanks. Does this mean that LAN can talk to Guest but not the other way around?
Is there a way to lock this route to one Guest IP and port 22 only?
uci add firewall rule
uci set firewall.@rule[-1].name="Allow-SSH-LAN-Guest-RPi"
uci set firewall.@rule[-1].src="lan"
uci set firewall.@rule[-1].dest="guest"
uci set firewall.@rule[-1].dest_ip="192.168.3.100"
uci set firewall.@rule[-1].dest_port="22"
uci set firewall.@rule[-1].proto="tcp"
uci set firewall.@rule[-1].target="ACCEPT"
uci commit firewall
service firewall restart