[Solved] Two IP Addresses in the same net

These are mutually exclusive of themselves; you cannot do both of these at the same time. Perhaps I'm confused, but I think you could do this differently, especially if your router only has one real WAN connection:

  • Since you want all devices to remain on the same LAN, you could simply redo the default firewall rules of LAN to better suit your needs.

Yes and no, you will see that Linux is not well-suited to 2 IPs that possess different gateways. This has to be accomplished using policy-based routing.

  • You would create a second OpenWrt interface for the guest network.
  • You would add a VLAN so wired clients could use it (e.g. VLAN 3 would be eth0.3)
  • You give this network a unique numbering scheme (e.g. 192.168.4.0/24)
  • If your wireless chip permits multiple SSIDs, you then create another Guest SSID and add it to the guest network
  • You would configure guest network to use a second routing table and create a default route via the VPN tunnel.
  • You make IP rules for 192.168.4.0/24 to use the VPN routing table
  • For individual IPs in LAN (e.g. 192.168.1.11/32), you make IP rules to use the VPN tunnel (be advised that those devices will not be able to talk to other networks on your LAN while this rule is in place)
  • Firewall as desired

There are many threads on this site that show how to make these routes and rules.

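The second routing table, VPN default route and IP rules from the list above, written out as an added example that is not part of the original post. Table number 100, the tunnel device `tun0` and rule priority 1000 are assumptions; the `unreachable` fallback route is an addition, so that matching traffic is rejected instead of falling through to the main table (and out the WAN) when the tunnel is down.

```shell
#!/bin/sh
# Added example. Assumed values (not from the post): table 100, tun0, priority 1000.
VPN_TABLE="${VPN_TABLE:-100}"
VPN_DEV="${VPN_DEV:-tun0}"
RULE_PRIO="${RULE_PRIO:-1000}"

# Dry run by default: print each command. APPLY=1 (as root) executes it instead.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Accept only IPv4 addresses or prefixes, e.g. 192.168.4.0/24 or 192.168.1.11/32.
valid_src() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    vs_addr=${1%/*}
    vs_ifs=$IFS; IFS=.
    set -- $vs_addr          # split the address into its four octets
    IFS=$vs_ifs
    for vs_octet in "$@"; do
        [ "$vs_octet" -le 255 ] || return 1
    done
}

# Usage: vpn_policy_routes SOURCE [SOURCE...]
vpn_policy_routes() {
    # Validate every source before emitting anything, so a typo changes nothing.
    for src in "$@"; do
        valid_src "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    # Default route of the VPN table goes through the tunnel.
    run ip route replace default dev "$VPN_DEV" table "$VPN_TABLE"
    # Higher-metric fallback: still present when the tunnel route disappears.
    run ip route replace unreachable default metric 1000 table "$VPN_TABLE"
    # One rule per guest subnet or individual LAN host.
    for src in "$@"; do
        run ip rule add from "$src" lookup "$VPN_TABLE" priority "$RULE_PRIO"
    done
}

if [ "$#" -gt 0 ]; then
    vpn_policy_routes "$@"
fi
```

Called as `sh script.sh 192.168.4.0/24 192.168.1.11/32` it prints the commands for review; `ip rule add` is not idempotent, so remove existing rules before re-applying.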