参考 https://wiki.openwrt.org/doc/recipes/guest-wlan-webinterface
1. 在2.4GHz Wireless Controller下, 创建访客WiFi
在编辑界面中, Channel选择与现有网络不同编号,Advanced Settings都保持默认
ESSID设置一个易于辨认的名称, 例如OpenWrt-Guest, Mode选择Access Point, Network选择create, 填入guest, Wireless Security先不用设置
Save & Apply
2. 设置Network中新增的 GUEST interface
Protocol选择Static address, 点击switch protocol, 填入与当前子网不同的网段IP, 例如192.168.1.1, mask 255.255.255.0
Firewall Settings 选择create, 填入 guest
启用dhcp
Save & Apply
3. 设置Firewall, 点击guest对应的edit
Input设置为reject, Covered networks只选guest, Inter-Zone Forwarding中, 仅勾选Allow forward to destination zones的 wan部分
Save & Apply
4. 设置Firewall -> Traffic Rules
Open ports on router
添加 Name: Allow-Guest-DNS, Protocol:TCP+UDP, External port:53
添加 Name: Allow-Guest-DHCP, Protocol:UDP, External port:67-68
再分别编辑这两个rule, 将Source zone改为guest, Destination zone改为Device(input)
Save & Apply