Solved How to direct WiFi Guests to WAN instead of VPN tunnel?

DTS

Regular Contributor
I would like to enable the WiFi Guest Network feature. I'm using Asus Merlin 386.3_2 on an RT-AC86U. All my other traffic goes out via a VPN tunnel (and I'm using the VPN Director feature). Is it possible to direct WiFi Guests to the WAN interface instead of a VPN tunnel?

EDIT: the solution is YazFi
 
After posting this question I found some prior discussions on related topics, particularly this one: http://www.snbforums.com/threads/guest-network-ip.75264/post-719198

I decided to replicate what @eibgrad did using my AC86U. Here's the start:

Guest #1 enabled

Code:
admin@AC86U-Merlin:/tmp/home/root# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.1cb72ccb0960       yes             eth1
                                                        eth2
                                                        eth3
                                                        eth4
                                                        eth5
                                                        eth5.0
                                                        eth6
                                                        eth6.0
br1             8000.1cb72ccb0961       yes             eth1.501
                                                        eth2.501
                                                        eth3.501
                                                        eth4.501
                                                        eth5.501
                                                        eth6.501
                                                        wl0.1
admin@AC86U-Merlin:/tmp/home/root# ifconfig br1
br1       Link encap:Ethernet  HWaddr <redacted>
          inet addr:192.168.101.1  Bcast:192.168.101.255  Mask:255.255.255.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:1 errors:0 dropped:1 overruns:0 frame:0
          TX packets:264 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:60 (60.0 B)  TX bytes:16393 (16.0 KiB)



Guest #2 enabled

Code:
admin@AC86U-Merlin:/tmp/home/root# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.1cb72ccb0960       yes             eth1
                                                        eth2
                                                        eth3
                                                        eth4
                                                        eth5
                                                        eth6
admin@AC86U-Merlin:/tmp/home/root# ifconfig br1
ifconfig: br1: error fetching interface information: Device not found
admin@AC86U-Merlin:/tmp/home/root# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.1cb72ccb0960       yes             eth1
                                                        eth2
                                                        eth3
                                                        eth4
                                                        eth5
                                                        eth6
                                                        wl0.2
And then my router crashed and refused to reboot properly. I have to assume that the Guest Network functionality is not stable. Is that true?

Is it even worth trying to do what I asked about (direct WiFi Guests to the WAN interface instead of a VPN tunnel)?
 
These days, I think most people would solve this type of problem using YazFi, which allows you to assign any of the guest networks their own unique IP network (e.g., 192.168.3.0/24), separate from the private network (e.g., 192.168.1.0/24). If you then establish policy rules that only route 192.168.1.0/24 over the VPN, the guest network(s) will be excluded.

That said, I always recommend you stay away from guest #1 since ASUS has messed around with it for the benefit of AiMesh.
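
The routing split described in the answer above can be checked by resolving which routing table a given source address selects. This is an added example, not part of the original thread or of YazFi; the rule list is a constructed sample in the layout of `ip rule show` output, and the VPN table name `ovpnc1` and priority `10010` are assumptions.

```shell
#!/bin/sh
# Constructed sample in the layout of `ip rule show` (lowest priority number first).
# Assumption: the VPN client's table is named ovpnc1 and only the private LAN
# (192.168.1.0/24) has a policy rule pointing at it.
RULES='0: from all lookup local
10010: from 192.168.1.0/24 lookup ovpnc1
32766: from all lookup main
32767: from all lookup default'

# Print the routing table chosen by the first rule whose "from" selector
# matches source IP $1.
table_for_source() {
    printf '%s\n' "$RULES" | awk -v src="$1" '
    function ip2int(ip,   o) {
        if (split(ip, o, ".") != 4) return -1
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    function in_cidr(ip, cidr,   p, bits, size) {
        if (cidr == "all") return 1
        split(cidr, p, "/")
        bits = (p[2] == "") ? 32 : p[2]
        size = 2 ^ (32 - bits)          # number of addresses in the prefix
        return int(ip2int(ip) / size) == int(ip2int(p[1]) / size)
    }
    # Fields: "<prio>:" "from" <selector> "lookup" <table>
    $2 == "from" && $4 == "lookup" {
        if ($5 == "local") next         # local table covers only addresses owned by the router
        if (in_cidr(src, $3)) { print $5; exit }
    }'
}

# Succeeds only if traffic from $1 falls through to the main (WAN) table.
uses_wan() {
    [ "$(table_for_source "$1")" = "main" ]
}

# A private-LAN client and a guest client on a separate YazFi subnet.
for ip in 192.168.1.50 192.168.3.50; do
    printf '%s -> %s\n' "$ip" "$(table_for_source "$ip")"
done
```

On a live router, replace the sample with `RULES="$(ip rule show)"`; a guest address that resolves to anything other than `main` means a policy rule is broader than intended.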
 
Policy based routing also is a possibility though you would need to assign devices static IPs.
 
Policy based routing also is a possibility though you would need to assign devices static IPs.
Guest devices are outside of my control, and even if I could control them, it would not be practical to manage ever-changing guests that way.

YazFi looks like it will work. Now I just need to find out why my router started crashing when I enabled guest networking...
 
