A few days ago I have set up a hotspot on large distributed vlan with different WiFi hardware in it.
Everything is working fine, except some thing: I want to manage my hardware in that vlan.
But I can't get to it, not from my mt router, not from remote locations.
Tried to use hs-unauth firewall chain to enable access, but with no luck. Hotspot is making ARP spoofing and replacing MAC addresses of devices located in hotspot vlan.
E.G. I have 10.10.100.0/24 for hotspot, and 10.10.200.0/24 for my devices, how can I write a firewall exception for them, so I can manage them without disabling hotspot?
Or maybe I can make an exception for subnet for hotspot to not replace MAC addresses?