I'm wondering if its possible to do this like a Guest WLAN but for my LAN, I want to make my LAN devices invisible to others in the same LAN, thanks in advance.
Hi
brief answer is NO
every device which is in same L2 domain will see another
liked or not
they could communicate without router, so nothing could stop them
a longer answer is MAYBE
but you need to have DSA router, and only 4 device
every device put in separate port and set-up bridge L2 filtering
but believe me, it is not so easy task
1 Like
If you have a limited number of devices, and have enough ports for each of these devices, you could make a vlan for every single one of your devices, and assign these vlan's to a port.
This is highly impractical, just food for thought basically
2 Likes
What is the reason behind this question?
Do (some of) your devices have vulnerability issues?
=> if so creating VLANs for those vulnerable devices might be a good idea.
3 Likes
Then what does 'Isolate Clients' under Wireless Overview/'the AP/Edit/Device Configuration/ Interface Configuration/Advanced Settings do?
you are mixing oranges and apples 
WIFI is single entry point device. All packets go in WIFI, get processed and then decision is made what to do with them
swich (device) and switch chips are different story
they are multi entry point and often switch chip fabric is configured to simply pass traffic from one port to another. OpenWRT swconfig does not provide "port isolation" mode, and DSA is slightly better because separate rj45 ports but still no native "port isolation" mode ...
only way to get proper L2 isolation is managed switch where you could allow/deny ports at switch fabric level to communicate
please, google for "switch port isolation", "L2 broadcast domain" etc
3 Likes
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.