Hi, have normal Wifi, all good, br0 at subnet 192.168.68.0, DHCP active made a wl0.1, bridged to br1, subnet 192.168.77.0, no DHCP added Code: interface=br1 dhcp-range=tag:br1,192.168.77.11,192.168.77.199,255.255.255.0,1440m dhcp-option=tag:br1,3,192.168.68.254 dhcp-option=tag:br1,6,126.96.36.199 to Advanced/DHCP/custom DNSmasq, works fine, getting IP on wl0.1 with Gateway being 192.168.68.254, but no internet! Ping to br0 ..68.0 timeouts! ping to br1 ..77.0 is okay! Tried Code: iptables -A FORWARD -i br0 -o br1 -s 192.168.68.0/24 -d 192.168.77.0/24 -j ACCEPT iptables -A FORWARD -i br1 -o br0 -s 192.168.77.0/24 -d 192.168.68.0/24 -j ACCEPT Firewall rule, not working Tried Code: iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j ACCEPT iptables -I FORWARD -i br0 -o br1 -m state --state NEW -j ACCEPT iptables -I INPUT -i br1 -m state --state NEW -j ACCEPT not working too (tried "iptables -A" too with those commands), rebootet several times and checked if rules are applied in SSH with iptables --list [[Purpose: ...254 is an other gateway (RaspberryPi), tunneling thru VPN, Being on br0 and setting ..68.254 as Gateway works fine, result is being tunneled, great! Would be nice to have a 2nd virtual Wifi which is tunneled]] Best would be if i just could use br0 for both eth0 and wl0.1 but how could I assign other gateway for devices connecting thru wl0.1?