OpenWrt Forum Archive

Topic: Routed AP + Multi-SSID on 10.03?

The content of this topic has been archived on 2 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hello all,

I'm running the brcm-2.4 variant of the OpenWRT 10.03 release, and I've followed the routed AP guide on the wiki at http://wiki.openwrt.org/doc/recipes/routedap. I'm trying to take it a step further and host both a "private" and a "public" WLAN from the same device (a Linksys WRT54G version 4). The idea is that I set up the firewall forwarding rules to allow wireless clients on the private WLAN to talk to wired clients on the wired LAN and vice versa, but restrict wireless clients on the public WLAN to WAN access only.

Here's the relevant snippets from my config files:

/etc/config/network

### private wlan
config interface wlan0
        option proto      static
        option ipaddr     192.168.2.1
        option netmask    255.255.255.0

config interface wlan1
        option proto      static
        option ipaddr     192.168.3.1
        option netmask    255.255.255.0

/etc/config/wireless

config wifi-iface
        option device     wl0
        option network    wlan0
        option mode       ap
        option ssid       Private
        option encryption psk2
        option key       mysupersecretpassword

config wifi-iface
        option device     wl0
        option network    wlan1
        option mode       ap
        option ssid       Public
        option encryption psk2
        option key        guest

/etc/config/dhcp

config dhcp wlan0
        option interface  wlan0
        option start      100
        option limit      150
        option leasetime  12h

config dhcp wlan1
        option interface  wlan1
        option start      100
        option limit      150
        option leasetime  12h

/etc/config/firewall

config zone
        option name       wlan0
        option input     ACCEPT
        option output     ACCEPT
        option forward    REJECT

config zone
        option name       wlan1
        option input     ACCEPT
        option output     ACCEPT
        option forward    REJECT

config forwarding
        option src        wlan0
        option dest       wan

config forwarding
        option src        wlan1
        option dest       wan

### allow private wireless clients to access wired clients and vice versa
config forwarding
        option src        wlan0
        option dest      lan

config forwarding
        option src        lan
        option dest      wlan0

When I try out this configuration, wireless clients on the Private network work just fine; they have internet access and can reach wired clients. However, wireless clients on the second Public network only receive an IP address, and don't have any internet connectivity.

Running ifconfig shows me two wl0.* devices with the 192.168.2.1 and 192.168.3.1 ip addresses, respectively. Perhaps this is problematic and I'm simply exceeding the capabilities of the device/firmware?

Has my issue been addressed with the newer interim 10.03.* releases? I checked the changelogs but didn't spot anything that seemed like it was relevant.


Thanks in advance for the help!

First try upgrading to 10.03.1-rc4. If that doesn't work, simply bridge wlan0 with lan.

The discussion might have continued from here.