Trouble creating a isolated guest network, isolating not working

I want to create a isolated guest network, but the function "Isolate Clients" is not working. when joining the guest-made wlan, i can still access I want the devices that join through this SSID only access the web, preferably through the wireguard interface i have set, but if not possible simply directly to the WAN interface.

Here are some screenshots of the setup:

Help would be appriciated, thanks!

Correct me if I am wrong, but is the router and client isolation clearly mentions that prevents client-to-client communication.

Then you need a combination of firewall rules as described in guest wifi along with Policy Based Routing where you have 3 options:

  1. mwan3 package
  2. pbr package
  3. a set of rules/routes for the non default traffic.

Thanks for your reply!
Oh so the router isnt considered a client in this case? I tried to access other ip's that are connected through the main ssid, while being connected to the guest ssid, and can still access those other ip's.

I didnt use those command line instructions yet that you linked me. Do they show in luci after all being applied? I can give that a shot. Does it still work if i force in firewall settings for lan to go to my wireguard interface and deny lan>wan?


Other SSIDs are not controlled by isolation, but by firewall zones.

Yes, but I gave them as a reference, not to be used verbatim.

Not if routing is not correct, you'll be dropping all traffic.