Hi,
I am trying to set up two WLANs in parallel:
a) one regular for accessing wan and lan
b) one guest-wlan for accessing wan only
Both are set up and working fine,
but it is still possible to access the lan from the guest-wlan.
I would like to prevent this kind of access that. Any ideas ?
Thanks !
Itymoneus
Configuration for my guest-WLAN (TP-Link WS1043ND with Backfire (r24038)):
/etc/config/network:
…
config 'interface' 'guest'
option 'proto' 'static'
option 'ipaddr' '10.0.0.1'
option 'netmask' '255.255.255.0'
option 'ifname' 'wlan1'
…
/etc/config/wireless:
…
config 'wifi-iface'
option 'device' 'radio0'
option 'ssid' 'GUEST'
option 'mode' 'ap'
option 'key' 'xxxxxxxxxxxxxxxxxxxxx'
option 'network' 'guest'
option 'encryption' 'psk2'
option 'eap_type' 'TLS'
…
/etc/config/firewall:
…
config 'zone'
option 'name' 'guest'
option 'forward' 'REJECT'
option 'output' 'ACCEPT'
option 'input' 'ACCEPT'
config 'forwarding'
option 'src' 'guest'
option 'dest' 'wan'
…