I have pfSense and a TP-Link Archer C9v1 as an access point. The main private network is 192.168.2.x. The AP runs dd-wrt.
I created two new Virtual Access Points (VAPs), one for guests with subnet 192.168.4.x, and another one for my iot devices with subnet 192.168.5.x. The original intention was to use VLAN4 for guest and VLAN5 for iot, with DHCP, DNS, and firewall rules on my pfSense. However, dd-wrt on my AP does not seem to work well with VLANs. So eventually, the guest and iot subnets were defined in dd-wrt, with DHCP on dd-wrt, by following the guide here:
https://forum.dd-wrt.com/phpBB2/view...047143#1047143
What I have working now is:
192.168.2.x - main private network (with main 2.4 and 5 GHz wifi), DHCP and DNS on pfSense
192.168.4.x - guest network (with VAP, wl0.1 on 2.4 GHz), DHCP on dd-wrt
192.168.5.x - iot network (with VAP, wl0.2 on 2.4 GHz), DHCP on dd-wrt
Each subnet is fully isolated, and all subnets can access the internet. Devices inside the guest and iot subnets cannot access each other.
I need my main network hosts to be able to communicate with devices/hosts in the iot subnet (192.168.5.x), but right now they can't. The reason I need to do this is that I run Home Assistant (on Ubuntu) on my main network, and it has to be able to access devices in the iot subnet.
Any recommendations as to how I can accomplish this last need (for now)? Sorry that I have to ask about this topic here; nobody replied to me on either the Netgate or the dd-wrt forum.
Note: Both the iot and guest subnets still can't initiate communication with the main network, as intended.
Thank you.