I’m pretty new here, and new to network configuration and OpenWRT, as such I’m not quite sure if what I’m asking for is correct, or feasible.
I wanted to set up my home network as following:
Network 1 - LAN ports 1 and 2; One 2.5GHz and one 5GHz SSID - Home PC, Laptop, Smartphone, Server
Network 2 - LAN port 3; One 5GHz SSID - Work thin client, Work phone
I want both networks to be under two different subnets (192.168.1.* and 192.168.2.*), and I don’t want them to be able to talk with each other in any way.
Reasoning? I would prefer not to have my personal traffic be intercepted, or mix home with work stuff.
I tried this tutorial: [OpenWrt Wiki] DSA Mini-Tutorial, and I attempted creating a separate bridge, but in the end I soft bricked the router, so I assume I didn’t know what I was doing.
I had the br-lan on which I left in with the LAN ports 1 and 2 + eth0
I made another device, br-lan-work which I left in with LAN ports 3 + eth0
Would this be possible, and if yes, would anyone be able to let me know how to achieve this?
we never verify them, Maybe you can try to modify the files “/etc/config/network and /etc/config/firewall” to create two network domain. Maybe you can implement the feature.
I saw that the two devices connected correctly with 192.168.2.* IP, so DHCP works, however I don’t seem to be able to get any internet access on any of the devices.
The work thin client gave me this error message when connecting: “Connection refused by the server, it may be due to protocol, port or firewall issues”.
And the work phone (Android) mentions “Internet might not be available” / “Connected without internet”.
Any ideas if I might be missing something, or how I could troubleshoot this?
your wan is a private IP address. You’ll want to make sure you have static routes pointing both 192.168 networks to the bpi router on the other internal router you’re using for wan.
you’ll also want to make sure you have the firewall zone setup the same as the lan network to allow outgoing connections.
Also, in my working config I don’t have eth0 on any of the bridges. just physical lan and wifis. The tutorial you posted also does not add eth0 to bridges.
@mcgeezy: Thank you for the tips. It seems the missing puzzle piece was the firewall setup.
I followed this tutorial and it worked for me: https://youtube.com/watch?v=reMrbOl-anM
The only difference is that instead of setting up VLANs, I used the bridge configuration I did above (see screenshots)
For some reason when I set up the VLANs, Wifi stopped working (the phones wouldn’t be able to authenticate at all.
