Full Wireless Client Isolation
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-28-2014 02:10 AM
Hi
I want to restrict clients to de Default Gateway by putting a checkbox to Client Isolation with whitelist (9.7), but it is not working like in version 9.6.
Problem is: what do I whitelist? If I whitelist the default gateway (only), I don't get an IP-address from DCHP, if I whitelist DHCP-server, I can access shares since it is also file server.
I tested it thoroughly. If I upgrade from 9.6 to 9.7, the radio button from 9.6 is changed to a whitelist named mpff without any rule (which is not possible to set manually).
Any help is appreciated to get the same feature as in 9.6
thanks
Jos Vens
I want to restrict clients to de Default Gateway by putting a checkbox to Client Isolation with whitelist (9.7), but it is not working like in version 9.6.
Problem is: what do I whitelist? If I whitelist the default gateway (only), I don't get an IP-address from DCHP, if I whitelist DHCP-server, I can access shares since it is also file server.
I tested it thoroughly. If I upgrade from 9.6 to 9.7, the radio button from 9.6 is changed to a whitelist named mpff without any rule (which is not possible to set manually).
Any help is appreciated to get the same feature as in 9.6
thanks
Jos Vens
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-20-2014 07:31 AM
Solution found! thanks all, you made me thinking further so I could find a solution to get Full Client Wireless Isolation as it was before firmware 9.7.
Step 1: Whitelist router and dhcp-server if they are different machines
Step 2: make an ACL L3/IP and allow the protocol DHCP, DNS, HTTP and HTTPS
Apply the whitelist by the isolation checkbox and apply the ACL in the advanced options of the WLAN. Ready, works fine: clients can surf on the internet but cannot ping or access files on fileserver (which is in this case also the DHCP-server).
Thanks everyone!
Jos Vens
Step 1: Whitelist router and dhcp-server if they are different machines
Step 2: make an ACL L3/IP and allow the protocol DHCP, DNS, HTTP and HTTPS
Apply the whitelist by the isolation checkbox and apply the ACL in the advanced options of the WLAN. Ready, works fine: clients can surf on the internet but cannot ping or access files on fileserver (which is in this case also the DHCP-server).
Thanks everyone!
Jos Vens
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2017 11:58 PM
Hi Jos,
Thank you for posting the steps. This solves my problem.
Best Regards,
LJ
Thank you for posting the steps. This solves my problem.
Best Regards,
LJ
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-23-2016 10:56 AM
Hi Jos,
I'm trying to setup the same configuration for a guest network. I have enabled the whitelist, and created the ACL L3. However when selecting the access control options for my guest WLAN, there is no L3 drop down menu, see the screenshot: http://i.imgur.com/qPayGjL.png
Any thoughts or input would be greatly appreciated.
I'm trying to setup the same configuration for a guest network. I have enabled the whitelist, and created the ACL L3. However when selecting the access control options for my guest WLAN, there is no L3 drop down menu, see the screenshot: http://i.imgur.com/qPayGjL.png
Any thoughts or input would be greatly appreciated.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-28-2018 05:52 AM
It seems that WLAN mode to Guest Access removes the L3 selection drop down.
Setting the WLAN mode to standard restores it.
Setting the WLAN mode to standard restores it.
