accessing devices on a parent subnet

[hish747]

My home network layout consists of:

ISP Cable Modem>ASUS Router(192.168.0.1)>dumb switch>OPNSense Router (192.168.1.1)>Wifi AP.

When I connect to the WIFI AP I can of course access all devices on the OPNSense network (192.168.1.x) but how can I enable access the parent network's 192.168.0.x devices? For example to access the ASUS router settings.

Thanks,
Hish

p.s. I'm coming over from Mikrotik where the default is you can access and I need to setup firewall rules to block access to the parent network.

[bartjsmit]

Does the ASUS have a static route to 192.168.1.0/24 via the WAN IP of OPNsense?

[hish747]

No, the OPNsense sees the 192.168.0.x network as if it was the WAN/Internet. Plus, I want to be able to access all devices on the 192.168.0.x network, not just the Asus.
Thanks

[iMx]

Do you have NAT enabled on opnsense? i.e egress NAT on the WAN interface?

If you do, it (i.e 192.168.1.x devices, trying to access the 192.168.0.x address of the Asus) should already work without the static route.

With NAT enabled
If you have NAT enabled and if all 192.168.1.x devices are NAT-ed behind the opnsense 192.168.0.x IP, it should work without the static route. 

As when a 192.168.1.x device tries to access 192.168.0.x, it will already appear to come from a 'local' 192.168.0.x IP.

Without NAT enabled

@bartjsmit response covers this scenario.

If you don't have NAT enabled on opnsense, the 192.168.0.x devices need to know that when they want to send traffic BACK to 192.168.1.x, that it needs to be sent to the opnsense box - routing has to work both ways.

Devices behind opnsense (192.168.1.x) already have a route TO 192.168.0.x as it follows the default route and it is a directly connected network (i.e opnsense has interfaces on both networks). 

But when packets reach a 192.168.0.x device, they do not have a route BACK to 192.168.1.x

On the Asus, add a static route:

192.168.1.0/24 gw opnsense-192-168-0-x-ip