OPNsense Forum

English Forums => General Discussion => Topic started by: GiantJack on June 13, 2019, 07:11:25 pm

Title: How to define a static route for a subnet? (wifi guest).
Post by: GiantJack on June 13, 2019, 07:11:25 pm
Hi!

I am trying to make a guest wifi work with my opnsense router/firewall and a dumb wifi AP with openwrt.

I followed this howto to set up the openwrt side:
http://steven-england.info/2014/11/01/openwrt-how-to-create-a-public-network-without-using-the-wan-interface/

My test network is like this:

phone 192.168.4.107-----wifi------[GUEST AP 192.168.4.1 / LAN 192.168.1.252]----ethernet-----[LAN 192.168.1.254 opnsense WAN:]------- internet

According to the opnsense firewall log live view, my phone is able to emit over the internet (mainly to DNS).
But the phone does not detect any internet connection.
I tried to use the android "pingtools" app to send a ping to www.google.fr; it reports a DNS error.

I assume that maybe the answer from DNS is not delivered correctly to my phone.

In the howto, it was asked to define a static route in the router to make sure the router can find the 192.168.4.0 subnet.

I tried to set this in opnsense, but I must say it asks more "questions" than simple soho routers.

I have tried to configure the route as per the attached pictures: does it seem ok?

(https://forum.opnsense.org/index.php?action=dlattach;topic=13190.0;attach=7314)

(https://forum.opnsense.org/index.php?action=dlattach;topic=13190.0;attach=7316)

Title: Re: How to define a static route for a subnet? (wifi guest).
Post by: GiantJack on June 14, 2019, 10:06:59 pm
I found on some other forum some mention of adding rules and/or outbound to make a static route work correctly...
But I don't understand correctly how this works... can anybody help?

Title: Re: How to define a static route for a subnet? (wifi guest).
Post by: GiantJack on June 17, 2019, 10:30:56 pm
OK, so I think I found a solution:

In addition to the static route, I added a NAT outbound rule.

I set outbound to hybrid and added a rule as in the attached pic.

It seems to work, but if anything looks unsafe here, I would be happy to know (I found it by trial and error, but outbound is not that clear to me).