Showing results for 
Search instead for 
Did you mean: 

Guest user can Access the internal Network altough the ACL should prevent this.

New Contributor

I have a ZD 1100 (FW 9.4) installed in a flat Network (no VLAN, no Layer3 device). Default Gateway for this Network is a Firewall (one internal Interface in the Network, one external Interface to the Internet).

The ZD has two Wireless Networks configured, one for internal users, one for Guest users. Guest users can log in and Access the Internet without a Problem.

The Problem is that users who are connected to the Guest can also access ressources on the internal Network altough the ACL should prevent this.

I have read the user Manual and it states that there are 3 ACL rules for the private Networks which will always be active and which will be enforced on the ZD and on the AP. I can see These ACL in the configuration and they are set to deny.

My question is: Why can a guest user access a Server in the Network and how do I prevent this from Happening? Will I Need to create a seperate VLAN for the guests or can there be a missconfiguration?

Thanks a lot and many greetings from Germany.

New Contributor

Esteemed Contributor II
We have implemented greater client isolation, into Layer3, in ZD version 9.8 firmware over the behavior from v9.4 code.  Can you upgrade and re-evaluate the guest WLAN access to trusted network again?