Show pagesourceOld revisionsBacklinksBack to top × Table of Contents Guest Wi-Fi on a dumb wireless AP using LuCI 1. Define a new network 2. Edit the newly created interface 3. Set up the firewall zone 4. Set up the firewall traffic rules Guest Wi-Fi on a dumb wireless AP using LuCI Guest Wi-Fi provides internet access to your network members. It also provides firewall security rules to isolate your guest network from the rest. This recipe is based on the Guest Wi-Fi basics and Guest Wi-Fi extras, providing a more user-friendly approach through the LuCI web interface. The changes below assume an OpenWrt default configuration. We assume that you have a private WLAN set on 192.168.1.xxx and want a guest WLAN on 192.168.2.xxx. 1. Define a new network Add a new wireless radio Give it an SSID and add it to the guest network. 2. Edit the newly created interface At the interfaces, edit the `guest` interface that you just created. Switch the protocol to a static address. Fill in the static IP, subnet mask and enable DHCP. Make sure the static IP is on a different subnet. 3. Set up the firewall zone At firewall settings, create a new guest firewall zone. At the firewall settings, edit the newly created guest zone. Set Input to REJECT, Output to ACCEPT and Foward to REJECT. Allow forward to destination zone: `lan`. It should look as follows Also enable masquarading for lan 4. Set up the firewall traffic rules Now go to the traffic rules tab inside firewall and add the following three rules: This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.OKMore information about cookies Last modified: 2021/02/05 09:43by vgaetera