What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Trying to understand Guest Network Pro limitations

jksmurf said:
While I’d be comfortable making these specific rules, following these guidelines, for average users (me), wouldn’t it be nice if this IPTables forwarding rule (if that is what it is called) could be incorporated into Merlin Firmware or an Addon? It just makes it easier to add, amend and delete.

There must be other folks that would like to assign e.g. Guest users, access to a single device on the primary network, like a printer.
Click to expand...
This sounds like a great suggestion!
My idea would be to have this as an additional option in the DHCP section: when you assign a fixed IP to a device, to have the option to allow access to and/or from the device from other networks (VLANs).
 
I am running into Guest Pro issues not to be reported until further tracked down. But, I notice a lot AVAHI in this thread. I want to clear out Avahi altogether to use pure DNS services through dsnmask mostly with DHCP IP and name assignments and very small DHCP pools per vlan/subnet/interface, if any, and a single unbound server for external recursive resolution. I suspect that sudden weird IOT device behavior, wireguard interactions, and vlan behaviors stem in part from DNS and mDNS interaction. According to Wikipedia, Multicast DNS (mDNS) is a computer networking protocol that resolves hostnames to IP addresses within small networks that do not include a local name server, which clearly is not the case. There are ancient threads regarding getting rid of Avahi that appear to be suggestive but inconclusive. Getting Avahi out nssswitch.config will help but I want to kill off any server or network debris related to Avahi, preferably before they can start. Concrete, workable suggestions appreciated.
 
SSovets said:
This sounds like a great suggestion!
My idea would be to have this as an additional option in the DHCP section: when you assign a fixed IP to a device, to have the option to allow access to and/or from the device from other networks (VLANs).
Click to expand...
Can we add a single field to each Guest Pro SDN page that to allow a local network name and domain be assigned which will be used in dnsmasq-SDN.conf and also in dnsmasq.conf as server forwards to those SDN unique local network names? As a bonus let the Vlan local network name also the a host address for the SDN's DNS service (dnsmasq)? My thought is to use the GUI to assign the local DNS server first in DHCP options and the main LAN server second.
 
Last edited:
CornfieldWin said:
I suspect that sudden weird IOT device behavior, wireguard interactions, and vlan behaviors stem in part from DNS and mDNS interaction.
Click to expand...
What proof (like a system log or similar that can be verified) do you have that your Guest Network Pro issue stems from DNS and mDNS interaction? What proof (again system log or similar) is there that AVAHI is causing any issues with your Guest Network Pro configuration?
 
CornfieldWin said:
Can we add a single field to each Guest Pro SDN page that to allow a local network name and domain be assigned which will be used in dnsmasq-SDN.conf and also in dnsmasq.conf as server forwards to those SDN unique local network names? As a bonus let the Vlan local network name also be a host address for the SDN's DNS service (dnsmasq)? My thought is to use the GUI to assign the local DNS server first in DHCP options and the main LAN server second.
Click to expand...
You can add whatever you want, it's your router. When it breaks I'm sure you'll be back asking for help again. Maybe you'll get "hacked" again 😂
 
CornfieldWin said:
Can we add a single field to each Guest Pro SDN page that to allow a local network name and domain be assigned ...
Click to expand...
One can probably try setting a domain name for a Guest Network Pro profile (SDN) using dnsmasq-INDEX.conf.add (INDEX = SDN index number), and adding a custom domain. Make sure to set the appropriate permissions on the dnsmasq-INDEX.conf.add file and save it to the proper location on the Asus router.

Adding a custom domain​

You can assign a domain simply by adding:

address=/router/192.168.1.1

Alternatively, if you continue to use add a custom domain to hosts in your (local) network:
local=/home.arpa/
domain=home.arpa
Click to expand...
More general, possibly outdated, information here, adjusted to match the use of dnsmasq-INDEX.conf.add:
github.com

Custom domains with dnsmasq

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng
github.com github.com
PS: If you want to change the GUI itself, that's up to you and it may introduce issues or problems if done incorrectly.
 
bennor said:
One can probably try setting a domain name for a Guest Network Pro profile (SDN) using dnsmasq-INDEX.conf.add (INDEX = SDN index number), and adding a custom domain. Make sure to set the appropriate permissions on the dnsmasq-INDEX.conf.add file and save it to the proper location on the Asus router.

More general, possibly outdated, information here, adjusted to match the use of dnsmasq-INDEX.conf.add:
github.com

Custom domains with dnsmasq

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng
github.com github.com
PS: If you want to change the GUI itself, that's up to you and it may introduce issues or problems if done incorrectly.
Click to expand...
Not seriously thinking of hacking the GUI. Honestly, just a thought. But I am trying to automate the process with simple configurable scripts.
 
You must log in or register to reply here.

Similar threads

I
Guest Network Pro + VLAN 52 breaks DHCP when LACP is enabled
Replies
6
Views
901
i5Js
I
J
Guest Network Pro Issues With AiMesh Node
Replies
14
Views
2K
visortgw
visortgw
7
Guest network pro issue 3006.102.5
Replies
11
Views
1K
bennor
B
1
Understanding guest network pro
Replies
4
Views
1K
visortgw
visortgw
Seth Harman
Seeking clarity for Guest Network Pro/VLANs
Replies
7
Views
3K
jksmurf
J
Similar threads
Thread starter Title Forum Replies Date
J trying to setup vpn client Asuswrt-Merlin 2
R Solved DNS Director appears to work differently now after one of the recent firmware updates. I want to clarify to make sure I understand the changes. Asuswrt-Merlin 2
C Want to share a global DNS between main network and Guest Pro Vlans Asuswrt-Merlin 6
I Guest Network Pro + VLAN 52 breaks DHCP when LACP is enabled Asuswrt-Merlin 6
J Guest Network Pro Issues With AiMesh Node Asuswrt-Merlin 14
J DNS Server Settings and Priority with Guest Network Pro? Asuswrt-Merlin 11
S 3006.102.5 Guest Network Pro issues in Aimesh nodes after reboot Asuswrt-Merlin 58
7 Guest network pro issue 3006.102.5 Asuswrt-Merlin 11
S Accessing router SMB server from Guest network? Asuswrt-Merlin 2
C Firewall URL filter bypassed by guest networks with disabled intranet access Asuswrt-Merlin 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 725 (members: 14, guests: 711)
Back
Top