Hello all,
I'm trying to set up an EdgeRouter POE with an isolated guest wifi, the closest that I've found on these forums is about a guest wireless on an Airport. My setup is a little different:
This is how it would look like. The EdgeRouter will have some devices connected to it, a soho router with DD-WRT configured in switch/wireless AP mode will be connected to one of the ports on the EdgeRouter. the DD-WRT will have devices physically connected to it and also run two wireless networks.
I would like to isolate the following:
1. Everybody that connects to the guest network can get DHCP & internet but not access any part of the local network
2. some of the devices directly connected to the EdgeRouter will be isolated in the same way.
Number 2 is easy, based on what I've gathered I can just put arbitrary ports on the EdgeRouter into a separate guest VLAN and then configure the firewall rules accordingly. Since the EdgeRouter POE has 3 switchable ports grouped as switch0, would I even be able to just do that and put switch0 into an isolated VLAN?
Number 1 is what I'm really confused by. Since the DD-WRT router will have physically connected devices as well as two sets of wireless radios. I want the physically connected devices, the own wireless network, and any non-isolated devices attached directly to the EdgeRouter to all be able to access the local network. So I don't think I can just isolate the DD-WRT's port altogether.
I imagine setting up guest isolation on the DD-WRT would be useless since it won't be the one actually controlling traffic when it's acting as a switch for the EdgeRouter.
So How would I isolate just the guest network on the DD-WRT?
Thanks!