Here is my situation: I have one RT-N66U (tomato#1) running tomato shibby located in the basement, connected to a FTTH switch and to my LAN switch. This one is in router mode only, wifi is off. I have a second RT-N66U (tomato#2) running tomato shibby located on the first floor, connected to the first RT-N66U via my LAN switch. This one is in AP mode only, wifi is on. I have set these up so I can access the internet either from wired wall sockets in my house (connected to my LAN switch) or via wifi (provided by tomato#2). I followed this guide (thank you google translate) but sadly no access to internet from guest SSID, normal access to internet and LAN from home SSID. Both SSIDs connect, both assign client IP address (for respective subnet). My guess is that this guide is written for one-router setup. How would one setup router and AP (both running latest tomato shibby) to allow home SSID to access internet+LAN and guest SSID to access internet only? How would one tweak this configuration to limit guest SSID bandwidth to a low value (1 mbps for example)? Is it possible to do this via captive portal? ("Catch" each unknown device on guest SSID and direct it to enter password, then give them bandwidth-limited access to internet only for a limited amount of time) If anyone has a link to a tutorial that would help in my situation, please guide me to it!