Hi All,
First, thank you to all the people here helping with network stuff! I just discovered the jffs and script support in Merlin firmware and am trying some network setups.
My main goal is to have different guest networks going through different VPN clients. Each guest network should have access to the LAN devices and see all traffic from it.
So first, I used the tutorial available here: https://github.com/RMerl/asuswrt-me...or-VPN-and-SSID-for-Regular-ISP-using-OpenVPN
I had to adjust it a bit because, as I was saving settings in the router GUI, some iptables rules were disappearing. Now I have a setup that handles config changes well.
Second step, I added some iptables FORWARD rules to accept traffic from Guest1 to LAN and from LAN to Guest1 and it works well too. I can connect both ways:
iptables -I FORWARD -s $WRLSS_IF_NTWK_ADDR/24 -d <MY_LAN_SUBNET> -j ACCEPT
iptables -I FORWARD -s <MY_LAN_SUBNET> -d $WRLSS_IF_NTWK_ADDR/24 -j ACCEPT
But now I would like to have access, from my guest network, to all packets coming from the LAN subnet so I can see my wireless speakers available in Spotify for example.
So I see two potential solutions (but not sure they all work):
1. Is there a way to use the same subnet with multiple DHCP servers and multiple devices? E.g.: LAN DHCP could give IPs from 192.198.0.10 to 192.168.0.50, then wl1.1 could give IPs from 192.168.0.51 to 192.168.0.70, etc? I tried to assign the same subnet range to the DHCP of both LAN and wl1.1 in dnsmasq.conf but I always get an IP from the LAN DHCP.
That way I would not have to bother with routing the packets from one subnet to another, but I don't know if it's possible...
2. Have some iptables rules or something else that will forward all IP from LAN subnet to guest subnet. I already used the following command: echo 1 > /proc/sys/net/ipv4/ip_forward but I see that the value is already 1 when I reboot the router. Right now, with the two FORWARD rules I mentioned before and the ip_forward set to 1, I still don't see my speakers in Spotify when connected to the guest wireless connection.
I'm still not a super wiz in networking, so any help would be REALLY appreciated.
Thank you very much!
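An added example, not part of the original post: one way to re-apply the two FORWARD rules above idempotently from a script the firmware re-runs (such as Merlin's firewall-start user script), so a settings save neither drops them nor stacks duplicates. The subnet values, the function names and the IPT/IPFWD overrides are assumptions for illustration, and it assumes an iptables build that supports -C.

```shell
#!/bin/sh
# Added example: idempotent guest<->LAN FORWARD rules.
# GUEST_NET and LAN_NET are constructed sample values; substitute your own.
GUEST_NET="${GUEST_NET:-192.168.2.0/24}"   # assumed guest (wl1.1) subnet
LAN_NET="${LAN_NET:-192.168.0.0/24}"       # assumed LAN subnet
IPT="${IPT:-iptables}"                     # overridable so the logic can be tested
IPFWD="${IPFWD:-/proc/sys/net/ipv4/ip_forward}"

# Insert a FORWARD ACCEPT rule only if an identical one is not already present.
# Returns 0 if the rule exists afterwards, non-zero if the insert failed.
ensure_forward_rule() {
    src="$1"; dst="$2"
    if $IPT -C FORWARD -s "$src" -d "$dst" -j ACCEPT 2>/dev/null; then
        return 0                           # already there, nothing to do
    fi
    $IPT -I FORWARD -s "$src" -d "$dst" -j ACCEPT
}

# Succeeds only if the kernel is routing between interfaces at all.
forwarding_enabled() {
    [ "$(cat "$IPFWD" 2>/dev/null)" = "1" ]
}

# Apply both directions; refuse if forwarding is off, since the rules
# would have no effect and the failure would otherwise be silent.
apply_guest_lan_rules() {
    forwarding_enabled || { echo "ip_forward is off" >&2; return 1; }
    ensure_forward_rule "$GUEST_NET" "$LAN_NET" &&
    ensure_forward_rule "$LAN_NET" "$GUEST_NET"
}

# Run only when invoked as "script apply", so sourcing has no side effects.
if [ "${1:-}" = "apply" ]; then
    apply_guest_lan_rules
fi
```

These two rules accept every protocol and port in both directions between the guest and LAN subnets, so the guest SSID is no longer isolated from LAN devices at the IP layer.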