Home

Forums

Stories

Knowledge Base

Home Network Community > Feature Request (Deco) > Guest network access to separate ip not dhcp (in my case my.own dns server)

< Feature Request (Deco)

Votes

Guest network access to separate ip not dhcp (in my case my.own dns server)

Votes

Guest network access to separate ip not dhcp (in my case my.own dns server)

KruLex

Monday - last edited 9 hours ago

Posts: 2

Helpful: 1

Solutions: 0

Stories: 0

Registered: 2025-10-06

Guest network access to separate ip not dhcp (in my case my.own dns server)

Monday - last edited 9 hours ago

Model: Deco M5 Deco M3 Deco XM50

Hardware Version:

Firmware Version:

Hi, like in subjet.

It's good to add routing functionaly to guest network to allow access to main network but with a list of ip... I have problem with my own DNS. Guest network havent access to it. Only to gateway. So mmyguest hosts wait for response for blocked ip before switch on some globla dns

4 Reply

HelpFixDecoApp

LV5

Thursday - last edited 9 hours ago

Posts: 1010

Helpful: 225

Solutions: 46

Stories: 0

Registered: 2024-08-25

Re:Guest network access to separate ip not dhcp (in my case my.own dns server)

Thursday - last edited 9 hours ago

@KruLex

Okay, I understand that you are experiencing issues with your guest network on Deco Mesh, specifically that guest devices cannot access your custom DNS server (e.g., Pi-Hole) on the main network, which causes delays before switching to a global DNS.

This is a known behavior: by default, Deco Mesh isolates the guest network from the main network for security reasons. This means devices on the guest network cannot reach resources (like your DNS server or Pi-Hole) hosted on the main network. Only the gateway (internet access) is available to guest devices.

Workaround:
• You can set a public DNS server (such as 1.1.1.1 or 8.8.8.8) as the secondary DNS in the Deco app. This way, guest network devices will use the public DNS if your custom DNS server is unreachable, ensuring faster internet access.
• To do this, open the Deco app, go to MORE >> Advanced >> DHCP Server, and set your custom DNS server as the primary DNS and a public DNS as the secondary DNS.

Note:
• Due to the default isolation between guest and main networks, direct access from guest devices to main network resources (like your DNS server) is not possible, and this behavior cannot be changed in Router mode.

For more details, please refer to https://www.tp-link.com/support/faq/1460/.

If you need further assistance or have specific requirements, feel free to let us know!

Need help with the Deco app, setup, Ethernet backhaul, network switch or rolling back firmware? Router or AP mode? https://community.tp-link.com/us/home/forum/topic/699816?page=1

KruLex

LV1

Thursday - last edited 9 hours ago

Posts: 2

Helpful: 1

Solutions: 0

Stories: 0

Registered: 2025-10-06

Re:Guest network access to separate ip not dhcp (in my case my.own dns server)

Thursday - last edited 9 hours ago

Hi,

Thanks for the response! Unfortunately, my Deco units are set up as an access point with mesh. So my DHCP server isn't from the Deco.

Actually, my DHCP server is set up as you describe:

On the Deco app, go to MORE >> Advanced >> DHCP Server. I only have the option to switch on 'Smart DHCP'.

I know that this is a complex operation in deco regarding isolation for security reasons. But in networks it is natural to make ACLs and this is what is needed in deco. The conscious sharing of specific ip addresses via ACLs is standard in every network solution. TP-LINK/Deco have simply not touched this, they are my suggestion :)

HelpFixDecoApp

LV5

Thursday - last edited 9 hours ago

Posts: 1010

Helpful: 225

Solutions: 46

Stories: 0

Registered: 2024-08-25

Re:Guest network access to separate ip not dhcp (in my case my.own dns server)

Thursday - last edited 9 hours ago

@KruLex

See if this article helps. If not please get back to me and I will see if one of the tp-link staff have any other ideas on this.

Need help with the Deco app, setup, Ethernet backhaul, network switch or rolling back firmware? Router or AP mode? https://community.tp-link.com/us/home/forum/topic/699816?page=1

David-TP

9 hours ago

Posts: 16137

Helpful: 2315

Solutions: 2281

Stories: 9

Registered: 2020-04-14

Re:Guest network access to separate ip not dhcp (in my case my.own dns server)

9 hours ago

@KruLex

Thank you very much for your feedback.

In AP mode, when "Allow local Access" is disabled, the Guest device is only able to communicate with the network gateway, which might explain why the local customized DNS server is blocked from the Guest network.

(By the way, in AP mode, Deco doesn't support either Device Isolation or "DHCP server>Customize DNS servers".)

Your feedback is indeed very useful if a certain IP address could be manually added to the allowed list. I'll report to the senior engineer for further evaluation.

If you don't have to use Deco in AP mode, connecting the customized DNS server direclty to the ISP router and setting Deco back to router mode would be a workaround.

You can refer to this link to set the customized DNS server as the IPV4 DNS server:

How to change DNS server settings on my Deco

Thanks a lot.

Best regards

▶Check What's Currently Going on With Deco ▶Parental Control Upgrade on HomeCare Models ▶Deco BE85 1.2.0 Enhanced Mesh Backhaul Stability and Device Roaming Experience ▶Deco BE65/BE65 Pro 1.2.0 Enhanced Mesh Network Stability and System Security ▶Deco BE75 1.1.0 Added WireGuard VPN, Manual Channel Selection and More Try to leave a Message if urgent help is required.

Guest network access to separate ip not dhcp (in my case my.own dns server)

Guest network access to separate ip not dhcp (in my case my.own dns server)

Information

Voters 1

Tags