I enabled the Guest WiFi on my Asuswrt-Merlin router, so that some of my IoT devices could be separated from my network. What I soon discovered was that I could not get an internet connection on the Guest WiFi because the DNS server on my LAN is an internal address pointing to my Pi-hole, and the Guest WiFi was preventing access to my LAN.
After some research I found a project on GitHub called YazFi which would allow the Guest Wifi to communicate with the router to allow (among other things) access to my internal DNS server.
Getting up and running with YazFi is very, very straight forward. The setup instructions are on https://github.com/jackyaz/YazFi but I’ll provide a quick summary below.
- Log into the router’s GUI and create a new Guest WiFi network, with an SSID and a passphrase.
- Open an SSH session to your router, then copy/paste the following command and press Enter:
/usr/sbin/curl --retry 3 "https://raw.githubusercontent.com/jackyaz/YazFi/master/YazFi.sh" -o "/jffs/scripts/YazFi" && chmod 0755 /jffs/scripts/YazFi && /jffs/scripts/YazFi install
- This will install YazFi. Once it it’s installed, press Enter.
- In the console, type in
YazFito launch the application.
- In the menu, type in
3. Edit YazFi configthen press Enter. You will be asked to select an editor – for simplicity use
- In the editor, edit the options for each Guest WiFi you have setup. In my case, I only have one so I will be modifying the
wl01section. Below is what my config file looks. Note that you will need to reference the Explanation of YazFi settings section to modify this for your network, but the important part here was that I change the DNS, both
DNS2to point to my internal Pi-hole which is on
- Once you have made your changes, hit
CTRL + X. You will be asked to save your script.
- Back at the main menu type
1then press Enter to apply the YazFi configuration.
The application will now launch and apply your settings. Once it’s ready, you should now be able to connect your Guest Wifi to the internet and have it pass through your Pi-hole so that it can also block ads.
And yes, YazFi will automatically launch on a router reboot.
Edit: There is one setting in that needs to be adjusted in Pi-hole as mentioned by SpasilliumNexus in the comments below for this to work correctly. I had already set this option in my Pi-hole, so I missed it in this guide.
- Log into your Pi-hole and click on Settings, then click on the DNS tab at the top.
- Change the option in Interface listening behavior to Listen on all interfaces, permit all origins.
- Click on Save at the bottom.