Hi all,
Forgive me but I haven't lurked here before my first post! I have a question / observation regarding the way my Asus RT-N66U currently running Merlin 3.0.0.4.374.35_4 handles guest networks that deny access to the LAN.
I have an existing internal LAN which has a DHCP server that allocates in the 192.168.1.0 subnet and serves a default gateway on a UTM device on the perimeter. For wireless clients connected to the Asus who have access to the LAN I can turn off the Asus DHCP server and IPs are allocated to wireless clients from the existing LAN DHCP server.
The problem with this is if I turn off the Asus DHCP server, clients connecting to a guest SSID (without LAN access) won't see the LAN DHCP server and so don't get allocated an IP address.
My current solution is to run both DHCP servers, each with the same static IP addresses defined and each serving dynamic addresses from different ranges on the same (LAN) subnet. Why not simply close down the LAN DHCP server and use the Asus one? - simply because the default gateway on the LAN is different to the Asus, which won't allow a default gateway that isn't the Asus itself.
What would the ideal solution be? Well, please shoot me down if this isn't the neatest solution, but for me the ability to disable DHCP on the Asus LAN segment but be able to enable the DHCP server on each of the guest SSID instances so that clients connecting to them can obtain an IP - for me it wouldn't matter if this was in the LAN subnet because the wireless guests can't 'see' that subnet anyway, but if this was in a subnet unique to each guest wireless instance then this would also be OK because in restricted guest mode all the traffic just goes out over the Asus WAN port anyway.
I have tried to do this with dd-wrt but it seemed really tricky to set up and didn't work for me - I couldn't get any connectivity to the WAN from guest wireless connections, although they did get served unique IP addresses.
I was wondering if:
1) My current solution is technically viable given potential conflicts between the two DHCP servers (although I have tried to pre-empt these as far as possible).
2) If there is another, simpler workaround that I'm missing?
3) If there is any chance that this DHCP functionality might make its way into the Merlin builds - I would have thought that running this wireless router on a LAN with an existing DHCP server was a pretty common situation?
Thanks in advance for any help, suggestions and comments - I'm just not capable enough with this sort of networking to be sure if I'm on the right track!
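An added example, not part of the original post: a small audit of the two-DHCP-server arrangement described above, flagging overlapping dynamic pools, mismatched static reservations, reservations that fall inside a pool, and differing default gateways. The function name `audit`, the pool ranges, gateway addresses and MAC addresses are assumptions constructed for illustration.

```python
import ipaddress

def audit(subnet, servers):
    """Return sorted conflict findings for DHCP servers that share one subnet."""
    net = ipaddress.ip_network(subnet)
    pools = {n: tuple(ipaddress.ip_address(x) for x in s["pool"])
             for n, s in servers.items()}
    names = sorted(servers)
    found = set()
    for n in names:
        lo, hi = pools[n]
        if lo > hi or lo not in net or hi not in net:
            found.add(f"{n}: pool is not a valid range inside {net}")
        # A reservation must sit outside every dynamic pool, or it can be leased twice.
        for mac, ip in servers[n]["static"].items():
            addr = ipaddress.ip_address(ip)
            for other in names:
                if pools[other][0] <= addr <= pools[other][1]:
                    found.add(f"{mac} reserved at {addr} inside {other} pool")
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if pools[a][0] <= pools[b][1] and pools[b][0] <= pools[a][1]:
                found.add(f"{a}/{b}: dynamic pools overlap")
            if servers[a]["static"] != servers[b]["static"]:
                found.add(f"{a}/{b}: static reservations differ")
            # Clients keep whichever offer they accept, so the gateway they
            # receive depends on which server answered.
            if servers[a]["gateway"] != servers[b]["gateway"]:
                found.add(f"{a}/{b}: default gateways differ")
    return sorted(found)

# Constructed sample data modelled on the post (addresses and MACs are made up).
SUBNET = "192.168.1.0/24"
RESERVED = {"aa:bb:cc:00:00:01": "192.168.1.10"}
AS_DESCRIBED = {
    "lan":  {"pool": ("192.168.1.100", "192.168.1.149"),
             "gateway": "192.168.1.254", "static": dict(RESERVED)},
    "asus": {"pool": ("192.168.1.150", "192.168.1.199"),
             "gateway": "192.168.1.1", "static": dict(RESERVED)},
}
MISCONFIGURED = {
    "lan":  AS_DESCRIBED["lan"],
    "asus": {"pool": ("192.168.1.140", "192.168.1.199"), "gateway": "192.168.1.1",
             "static": {**RESERVED, "aa:bb:cc:00:00:02": "192.168.1.160"}},
}

if __name__ == "__main__":
    for label, cfg in (("as described", AS_DESCRIBED), ("misconfigured", MISCONFIGURED)):
        print(label, audit(SUBNET, cfg))
```

With disjoint pools and identical reservations, the only finding left for the arrangement as described is the gateway difference: a wired or LAN-access wireless client that accepts the Asus offer is routed via the Asus rather than the UTM.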