cancel
Showing results for 
Search instead for 
Did you mean: 

Full Wireless Client Isolation

jos_vens
New Contributor II
Hi

I want to restrict clients to de Default Gateway by putting a checkbox to Client Isolation with whitelist (9.7), but it is not working like in version 9.6.
Problem is: what do I whitelist? If I whitelist the default gateway (only), I don't get an IP-address from DCHP, if I whitelist DHCP-server, I can access shares since it is also file server.
I tested it thoroughly. If I upgrade from 9.6 to 9.7, the radio button from 9.6 is changed to a whitelist named mpff without any rule (which is not possible to set manually).
Any help is appreciated to get the same feature as in 9.6

thanks
Jos Vens
8 REPLIES 8

jos_vens
New Contributor II
Solution found! thanks all, you made me thinking further so I could find a solution to get Full Client Wireless Isolation as it was before firmware 9.7.

Step 1: Whitelist router and dhcp-server if they are different machines
Step 2: make an ACL L3/IP and allow the protocol DHCP, DNS, HTTP and HTTPS

Apply the whitelist by the isolation checkbox and apply the ACL in the advanced options of the WLAN. Ready, works fine: clients can surf on the internet but cannot ping or access files on fileserver (which is in this case also the DHCP-server).

Thanks everyone!
Jos Vens

Hi Jos,

Thank you for posting the steps. This solves my problem.


Best Regards,

LJ

jeret_shuck_ie3
New Contributor
Hi Jos,

I'm trying to setup the same configuration for a guest network. I have enabled the whitelist, and created the ACL L3. However when selecting the access control options for my guest WLAN, there is no L3 drop down menu, see the screenshot: http://i.imgur.com/qPayGjL.png

Any thoughts or input would be greatly appreciated. 

hpatel99
New Contributor III
It seems that WLAN mode to Guest Access removes the L3 selection drop down. 

Setting the WLAN mode to standard restores it.