cancel
Showing results for 
Search instead for 
Did you mean: 

Guest Wifi - restricted subnet access

wayne_eaton_4wn
New Contributor II
ZD1100 (I know EOL).  firmware 9.9.1.0 build 52

I've set up GuestWifi and activation and it works very nicely.  I want to restrict users from other subnets so I configured Restricted Subnet Access, however, I can still get to anything on these subnets...ping, file shares, web portals, etc.  Not sure what else I'm doing wrong?9.9.1.0 build 52
Image_ images_messages_5f91c3d9135b77e2478ae02f_30803174ffa9effd174bf6133ad4e956_RackMultipart20180426128542tmm-2d26a544-b09a-41e2-9f75-7814bf53fce5-385906472.JPG1524773711
8 REPLIES 8

igor_tunakin
Contributor
Hi,it because the ACL is wrong. What subnet are you going to block?

You cannot block a subnet and allow some part of it.
Ex.
deny 172.16.0.0/12 means all packets with destination IP from 172.16.0.0 to 172.31.255.255 will be denied.And then you write: allow 172.17.10.3/32
If an ACL has so kind of mistakes it cannot be activated.

wayne_eaton_4wn
New Contributor II
Thank you, I can see that now.  However, if this was working, than probably nothing would be working and my subnets that I'm intending to block would already be blocked by the 172.16.0.0/12.  So this is still not working as I can get to IP's on 172.17.10.0...172.17.40.0...etc.  Is there anything else I need to enable anywhere?

igor_tunakin
Contributor
Could you show your new ACL?

wayne_eaton_4wn
New Contributor II
Sure...here it is...Image_ images_messages_5f91c435135b77e2479bac93_922fbdbe9297d8332774e56a1d000403_RackMultipart2018042797045d368-6537f56d-1377-4f21-b54b-5b21e4d161f1-1599383786.JPG1524831915
Labels