Gargoyle Forum

Hi guys,

I’d like to share my Internet Connection with my neighbor. I have made a little schematic on the desired setup but it seems I’m not allowed to share images/links, yet.
The basics are easily setup with the Gargoyle Web UI:
WAN via DHCP
LAN and Wi-Fi on 192.168.1.xxx
Isolated Guest Wi-Fi (for my guests)

What I want to add:
Isolated LAN (DMZ) on one port for my neighbour to use with his router

I’m aware that my neighbour will have a double NAT setup though it shouldn’t be a problem in his case.

I found some examples where people achieved similar setups though I was hoping you could give me some help on what to look out for in my case. It will be my first time manually editing the configuration files on my router.

A nice bonus would be a QoS-Setup with the priority on my network.

thanks!

yeah, just do it

Make sure both routers are on a different subnet

192.168.x.abc

where x need to be different

If both routers are gargoyle things will be easier. (for us anyway)

Hello,
I just configured a DMZ as an isolated lan, not as an exposed host, following the wiki article 'Setting up a DMZ' from openwrt. (Im not allowed to post the link.)
It worked. My RPi-server is now in the DMZ and has open ports, but it's separated from the lan in case things get ugly.

The problem I am facing now is that gargoyle does not monitor the bandwidth usage from 'DMZ' to WAN. Looking at the connected hosts list i can confirm that there are hosts with an ip from the second network 192.168.x+1.abc. Adding port forwards to ip-adresses in the second lan works as well. But gargoyle wont let me select IPs from the second network to show the bandwidth usage. Only IPs from 192.168.1.abc are selectable.

I couldnt find any documentation how to configure the monitoring system of gargoyle. Please give me an advise.

Best regards and a happy new year.
Timur

This isn’t supported

Hey,
does this mean ispyisail is recommending to do something,
that renders the unique selling point of gargoyle, the monitoring abilities, useless?

ispyisail wrote:yeah, just do it
Make sure both routers are on a different subnet
...
If both routers are gargoyle things will be easier. (for us anyway)

With this setup it's possible to share the uplink with the neighbour, but you cant monitor bandwidth usage...
I would expect a rather simple modification to the bmon config to add the second interface to be monitored as well. Is there really no chance?

Hey,
does this mean ispyisail is recommending to do something,
that renders the unique selling point of gargoyle, the monitoring abilities, useless?

I missed the VLAN in the title

Gargoyle does not support VLAN.

Command line only

Please remember that this is community members helping community members. We don't always have all the answers, and we don't always get it right.

No, there is basically no configuration available for the bandwidth monitor.
You can:
- Turn it on/off
- Enable high definition monitoring (more datapoints per time period)
- Enable a custom interval
That's about it.


If i was doing this, i would not use a VLAN. I'd just use a firewall rule to stop the hosts downstream from routing to the upstream LAN, only to WAN.
No this isn't a firewall rule i can help you write.

Hey,
thank you for the clarification.
What I can recap is:
The Gargoyle GUI doesnt support VLANs, but you can set them up via command line. This approach works, but monitoring multiple interfaces is again not supported in GUI...

--------------------

Reverting to a singe network and using firewall rules to isolate a client might be a solution.
One question: Does the traffic between to clients in the same (V)LAN go through the firewall in gargoyle?
Best regards,
Timur

In the same LAN no.
As VLANs are also at the switch level, I expect they also don’t go through firewall but I don’t know it for certain