I plan to get a Flint 2 and use the Guest Network solely for wireless IoT devices.
I understand (I hope) that Guest subnet communication to the Primary LAN subnet is blocked by default (and vice-versa).
However, is there a way to allow one-way communication from the Primary LAN subnet to the Guest subnet (but not the other way) - either with a firewall rule or some kind of Traffic Routing rule?
Some IoT devices require local intranet access (not via the public Internet), so I would need a way to connect to and/or communicate with these devices locally from the Primary LAN without having to connect to the IoT network myself.
Yes, this is possible by using the advanced settings.
If you install LuCI (or if it is already installed), you have to navigate to Network -> Firewall.
Then just edit lan, go to the "forward to" section,
and add the guests zone to it.
Depending on how much isolation the guest network has from the GL firewall rules, you may also have to look into the Traffic Rules tab; maybe just set the input of the guests zone to accept.
However, there are also other types of IoT devices which use broadcast or multicast. Broadcast, I think, will not be possible; for mDNS you can easily use avahi, but it's not easy for a beginner. Chromecasts often use mDNS.
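
To confirm the result of the change described above, this added example (not written by anyone in the thread) parses an OpenWrt-style firewall config and checks that a forwarding exists from one zone to another but not in reverse. The zone names `lan` and `guest` and the sample config are assumptions constructed for illustration; on the router the file to check would be `/etc/config/firewall`.

```shell
#!/bin/sh
# Added example: check forwarding direction in an OpenWrt-style firewall config.
# Zone names 'lan' and 'guest' are assumptions; use the names shown in LuCI.

# Print one "src dest" line per 'config forwarding' section in file $1.
list_forwardings() {
    awk -v q="'" '
        function unq(s) { gsub("[" q "\"]", "", s); return s }
        function emit() { if (fwd && src != "" && dst != "") print src, dst }
        $1 == "config" { emit(); fwd = (unq($2) == "forwarding"); src = dst = ""; next }
        fwd && $1 == "option" && $2 == "src"  { src = unq($3) }
        fwd && $1 == "option" && $2 == "dest" { dst = unq($3) }
        END { emit() }
    ' "$1"
}

# forward_allowed FILE SRC DEST: succeeds if a forwarding SRC -> DEST is declared.
forward_allowed() {
    list_forwardings "$1" | grep -qxF "$2 $3"
}

# one_way FILE A B: succeeds only if A -> B is forwarded and B -> A is not.
one_way() {
    forward_allowed "$1" "$2" "$3" && ! forward_allowed "$1" "$3" "$2"
}

# Constructed sample config (not taken from a real router).
sample_config() {
    cat <<'EOF'
config zone
    option name 'guest'
    option input 'REJECT'
    option forward 'REJECT'

config forwarding
    option src 'guest'
    option dest 'wan'

config forwarding
    option src 'lan'
    option dest 'guest'
EOF
}

tmp=$(mktemp)
sample_config > "$tmp"
if one_way "$tmp" lan guest; then echo "lan -> guest only"; else echo "NOT one-way"; fi
rm -f "$tmp"
```

This inspects only `config forwarding` sections; individual `config rule` entries (the Traffic Rules tab) can also permit traffic between zones and need a separate look.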