starting point are 2 seperate consumer LANs with seperate consumer grade WLAN modems. LAN2 is my neighbor, LAN1 is my own home-LAN. Whenever he wants to access my NAS or printer he has to log into my WLAN and then is hogging on my bandwith which I don't like.

So this is the starting point: starting situation

my idea now was to use an OpenWRT Router that acts as an WLAN bridge: OpenWRT as wlan bridge

The OpenWRT is connected on the LAN port with a cable to the ISP Modem of LAN2. The DHCP server on the LAN-interface is switched off (since dhcp is done by the ISP Modem), mode is set to static and given a staticIP out of LAN2 ( that is not used and lies outside the dhcp pool so no collision can occur. Now I also have to use this IP further access the webUI of OpenWRT. The WIFI module of the OpenWRT is now set to Station/Client Mode and connected to the WLAN of LAN1. With this a WWAN Interface is created that I assigned the wan/wan6 firewall settings so it uses the NATed routing into my LAN.

Will this already work? or will I have to define some static routes on the openWRT like:

Gateway (IP of the OpenWRT)

Gateway (IP of his ISP WLAN modem)

Printer and NAS are on a fixed IP on my network so I would add some Firewall rules to drop everything else.

Expected results:

  • Any client from LAN2 can access Printer and NAS (given he knows the IP, since there will be no forwarding of broadcasts)
  • No client from LAN1 can access anything on LAN2 (since LAN2 is NATed) Each LAN clients will use their own internet connection.

My Questions:

  • Am I thinking this right?
  • Is there a possibility to also forward broadcasts and bonjour-service so printer and NAS will be visible for dummies also.
  • Is this the best solution for this scenario, since I can't switch out the ISP modems and could only do a double NAT.

Edit: I cannot add static routes to the routers provided by the ISPs

  • “I cannot add static routes to the routers provided by the ISPs” – Then you already lost. You’d have to add routes to each device separately. That just isn’t feasible. // You can’t bridge WiFi by the way. Not without hacks.
    – Daniel B
    Commented Feb 10, 2017 at 14:23
  • @DanielB I got it to work with OpenWRT doing the static routing Commented Feb 10, 2017 at 15:12

4 Answers 4


I will answer this myself since I got this to work in the way I proposed and I think this is the best and fasted method for this specific problem.

The OpenWRT is connected on the LAN port with a cable to the ISP Modem of LAN2. For LAN interface we set a static IP ( Since no static routes can be configured on the ISP routers the DHCP server on the ISP device has to be turned off and instead enabled on the LAN interface on the OpenWRT. Then a static route has to be configured on the OpenWRT to set a default route for all traffic that points to the ISP modem and one static route for the traffic into the other subnet that points to the OpenWRT router.

interface   Target       IPv4-Netmask   Ipv4-Gateway
lan (IP of the OpenWRT)

in the next step we have to configure the wlan connection to the subnet. So we set under Network/Wifi a connection in client mode to the WLAN. A wwan interface will be created that we will put into the wan/wan6 firewall zone so OpenWRT will do NATed routing from into

Important: Since the wwan device will get a dynamic dhcp address from the ISP router from OpenWRT will reset our default route if we don't uncheck "use default gateway" for that wwan interface and route all traffic throught the other subnet.

And that's it more or less. You can restrict access via the firewall options of the OpenWRT to only forward traffic to and from a specific IP between the subnets if you want to make only certain devices accessible.

  • Have you managed to forward the broadcasts too? And how do you access LAN1 devices from LAN2 by name, maybe by creating the hosts manually or is there the possibility to do this automatically using the LAN1 router?
    – virtualdj
    Commented Jan 6, 2019 at 20:00

Short answer: Static routing and a crossover cable Or "Full bridging mode" from openwrt.

  • First get both of your routers setup and on the internet with separate IP addresses.
  • Leave DHCP on for the time being as it will allow you to connect easily and test this configuration.
  • Connect PC to router 1 – test internet. Make sure you are on the 10.0.1.X subnet.
  • Connect PC to router 2 – test internet. Make sure you are on the 10.0.2.X subnet.
  • Now connect both routers together with a crossover cable
  • No fires? :)

  • Now let's configure static routing and turn off DHCP on one of those routers.

  • Connect to router #1 and make your first static route to
    destination (
  • Then connect to router #2 and make your second static route to destination (
  • Routing all the 10.0.2.X traffic to router 1 and all the 10.0.1.X traffic to router 2. A handshake if you will.

NOTE: You don't need Crossover cable if your router support UPLINK

  • but if I create a transparent bridge between the two LANs, can I still use the firewall in OpenWRT to restrict access to certain IPs? Commented Feb 2, 2017 at 17:33

Here's another solution:

OpenWRT: Advanced Settings -> Network -> Interfaces

  LAN: ; Disable DHCP
  WLAN: ; Disalbe DHCP; Client Mode

ISP WLAN MODEM LAN 1 (I use a Fritz!BOX):

( -> connect OpenWRT with cable)


Target       IPv4-Netmask   Ipv4-Gateway

ISP WLAN MODEM LAN 2 (I use a Fritz!BOX [too]):

( -> wireless connection)


Target       IPv4-Netmask   Ipv4-Gateway

For the fritz!box friends, of course don't use the same IP4-Ranges, I use:

LAN 1: 177
LAN 2: 178 [default]

you can possibly connect your printer to your nas and provide internet access to your nas. I have a synology nas and can access it that way. I do not have my printer connected to it, but that function is available. No additional hardware.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .