Hello all,
I'm running the brcm-2.4 variant of the OpenWRT 10.03 release, and I've followed the routed AP guide on the wiki at http://wiki.openwrt.org/doc/recipes/routedap. I'm trying to take it a step further and host both a "private" and a "public" WLAN from the same device (a Linksys WRT54G version 4). The idea is that I set up the firewall forwarding rules to allow wireless clients on the private WLAN to talk to wired clients on the wired LAN and vice versa, but restrict wireless clients on the public WLAN to WAN access only.
Here's the relevant snippets from my config files:
/etc/config/network
### private wlan
config interface wlan0
option proto static
option ipaddr 192.168.2.1
option netmask 255.255.255.0
config interface wlan1
option proto static
option ipaddr 192.168.3.1
option netmask 255.255.255.0
/etc/config/wireless
config wifi-iface
option device wl0
option network wlan0
option mode ap
option ssid Private
option encryption psk2
option key mysupersecretpassword
config wifi-iface
option device wl0
option network wlan1
option mode ap
option ssid Public
option encryption psk2
option key guest
/etc/config/dhcp
config dhcp wlan0
option interface wlan0
option start 100
option limit 150
option leasetime 12h
config dhcp wlan1
option interface wlan1
option start 100
option limit 150
option leasetime 12h
/etc/config/firewall
config zone
option name wlan0
option input ACCEPT
option output ACCEPT
option forward REJECT
config zone
option name wlan1
option input ACCEPT
option output ACCEPT
option forward REJECT
config forwarding
option src wlan0
option dest wan
config forwarding
option src wlan1
option dest wan
### allow private wireless clients to access wired clients and vice versa
config forwarding
option src wlan0
option dest lan
config forwarding
option src lan
option dest wlan0
When I try out this configuration, wireless clients on the Private network work just fine; they have internet access and can reach wired clients. However, wireless clients on the second Public network only receive an IP address, and don't have any internet connectivity.
Running ifconfig shows me two wl0.* devices with the 192.168.2.1 and 192.168.3.1 ip addresses, respectively. Perhaps this is problematic and I'm simply exceeding the capabilities of the device/firmware?
Has my issue been addressed with the newer interim 10.03.* releases? I checked the changelogs but didn't spot anything that seemed like it was relevant.
Thanks in advance for the help!