Hello,
I have the following setup at my organization:
Outbound Internet access given by a corporate router that only our provider can configure (all I can do is power cycle it).
Several switches to connect Ethernet-based workstations to the router.
Four OpenWrt dumb wireless APs configured as per this guide, one connected directly to the router, the others with the aforementioned switches in between.
The router delivers addresses in the 10.20.30.0/24 range. I have configured the access points' LAN interface to use 192.168.99.0/24 in order to completely avoid collisions. Whenever I need to access LuCI or SSH, I change my workstation's IP to 192.168.99.123/24, do my work, then switch back to DHCP.
That works very well. But my question is, is it possible to somehow have access to the APs without having to change subnets, i.e. reach 192.168.99.0/24 from my 10.20.30.0/24 address? While OpenWrt is very stable for this task and requires zero maintenance, I also have MAC filtering enabled so that only authorized employees may connect (I am aware this can be easily worked around, but in practice it has been very effective), and the whitelists must be updated regularly. Having to change to the other subnet regularly is cumbersome, and renders my workstation with no Internet access until I finish the task.
I only control them from a single computer, so solutions like static IP routes or ARP mappings, if that's involved, are acceptable. I know the best approach would be put another OpenWrt device or a Linux server between the APs and the router and centralize all filtering there, but that's a no-go at the moment.
Thanks in advance!