Passthrough and NATted WiFi to the same WAN

I am using an OpenWRT device with only one Ethernet-port.

The goal: Two WiFi networks, one with direct access to the network land the other one NATted.

The DHCP of the upstream network has enough addresses left. I tried using relayd and kmod-relay, but in both cases only one of the WiFi networks worked at a time. Does something like a virtual switch with virtual interfaces exist?

Not sure what you mean here, since you only have 1 port; but this can be done with VLANs. One VLAN is:

  • connected to the WiFi and Ethernet port,
  • the other only bridged to WiFi, addressed with RFC1918 IPs, and allowed to go to WAN with masquerading (NAT) on
1 Like

VLAN on which interface? On eth0 I want to use untagged in both cases.

I never said anything about tagging, since you won't be connected to an Ethernet interface (using WiFi).

Both interfaces. You need VLANs:

  • One bridge to Ethernet port and WiFi 1
  • One bridge to WiFi 2
  • Done!

Tried that, but somehow it never worked simultanously.