Just reconfigured my home network to separate my WiFi and isolate IoT devices on a separate subnet. Hit some unexpected roadblocks – documenting them here before I forget:
1. Alta Labs ROUTE10 Surprise
Turns out this runs OpenWRT under the hood. All standard uci commands work, but persistence requires writing them into a post boot shell script located at /cfg/post-cfg.sh.
2. Ubiquiti USG NAT Limitations
The USG series has some annoying constraints:
- No true non-NAT “External Zone” support
- Can’t fully remove stock NAT rules
- Workaround: Create NAT exclusion rules instead