IoT Access Point


I have a (kickstarted) Omnia running the latest firmware.

I’ve Just spent over an hour getting lost in the Luci interface and I think it’s time to admit defeat…

I want to create a new WiFi access point called “IoT_House”
…which will allow connections (eg. Shelly/Sonoff relays) on both 2.4 and 5 GHz (**later devices will also connect via Ethernet Port-1; but that is a future requirement)
…This AP will have its own IP range (
…Each client will be allocated a Static DHCP IP address (based on MAC) in the range
…Each client will be able to access [a] the internet, and [b] any client in the range (ie. home automation servers) - but will NOT be able to see other IoT clients (1-15)
…ANY device on this network ( can be accessed from ANY device on the ‘main’ (admin) network (
…CERTAIN devices on this network (eg. bathroom light) can be accessed from ANY device on the ‘guest’ network (

The “admin” and “guest” networks are already setup by Foris.

I figure I need to create an access point … bind it to the relevant interfaces (wifi now + lan1 later) … configure static DHCP … and set up a bunch of firewall rules for isolation/routing
…But how to actually achieve that using Luci (or worse still, by editing config files via SSH) is eluding me :frowning:

I’m really hoping the community here can help me to get this working.

Thanks in advance for any advice,

In LuCI, you need to create another interface, and set it up with the IP range you want. Create a new firewall zone with the needed rules (e.g. can forward to WAN, can forward from main, etc), and add the new interface to that zone.

Then, make a new wireless interface with the desired SSID, and assign it to the interface, and enable “Client Isolation”.

Then, you can go through and add static DHCP and the custom firewall rules, but make sure everything works before you do all that.

Sorry for the delay …I’ve been ill.

So: Luci → Interfaces → Add new interface :-
. Name: IoT
. Protocol: errr, “Static address” ?? …None of the others make sense in this scenario
. Device: The only “Wireless” options are the existing access points

That’s it - the only other button is “Create interface” …Nowhere to set CIDR mask or such :confused:

What am I missing?

Set it up similar to the LAN interface. Static address, with an address of, mask, and no gateway (since the router is the gateway).

You can leave the device unspecified, and assign it to the WLAN device after you create it.

Hey @mattventura

Thanks for your input.

Sadly I am looking for guidance on the steps required to “Set up the wireless IoT network similar to the LAN interface, and specify an IP range” …I agree that (in broad and general terms) this is part of what I want to achieve [see OP] …But I don’t know what Luci screens I need to visit, in what order, and what to put in the various input fields to affect this outcome …Are you able to share this information in a way that I can recreate it? :slight_smile:


If you prefer learning by video point your browser to a search engine and search for “ openwrt iot wifi onemarkfifty” .
There is a two episode video walkthrough of areas you might be interested in.

1 Like