This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

DPSK with 'client-isolation' type L3 access-list

Wouter
New Contributor II

‎09-09-2022 08:14 AM

So we use DPSK a lot in our various types of networks. However, often every group is assigned it's own vlan and users can connect with their own devices. However, we would like to implement a Guest-network where they are only allowed to communicate with the gateway.

When I try to enforce such a rule via the L3 firewall rule I end up without any connection at all or I can still ping other clients on the network. Question: is it possible to perform such a network or is it better to create a separate guest-network with it's own SSID?gateway only L3 detail.pnggateway only L3.png

0 Kudos
2 REPLIES 2

Parik_MN
RUCKUS Team Member

‎09-09-2022 08:48 AM

Hello @Wouter

Creating L3 ACLs for default gateway would we invalid. You would need to enable Client-Isolation in WLANs and create client isolation whitelist, so that you can limit the client communication on same subnet.

 

Regards,

Parik 

 

Wouter
New Contributor II
In response to Parik_MN

‎09-13-2022 12:41 AM

Hi Parik, thanks for your reply.

The thing is we would like to have a single SSID for multiple purposes. If we enable client isolation I assume it would affect the users with DPSK-keys as well while we would like to have a personal environment for users with keys and guests can use a different key with limited access. If this is impossible or bad practice, maybe it's a nice feature request to define some of the WLAN specific aspects to a dpsk key such as client isolation or guest portal. (after all, client isolation should be just a firewall rule).

0 Kudos
Copyright © 2024 Khoros, LLC