DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Guest network client isolation - mixed wired & wireless
- playerone
- Topic Author
- Offline
- Banned
Less
More
- Posts: 9
- Thank you received: 0
04 Oct 2020 14:37 #97351
by playerone
Guest network client isolation - mixed wired & wireless was created by playerone
Hi,
Has anyone succeeded in making a mixed wired and wireless guest network? I'm failing so far
I have 3 VLANs trunked between my G2260 switch & 2862ac router, one of which is to be my guest network.
On the router guest SSIDs I have member isolation checked, this stops WiFi to WiFi client traffic but guests can reach the router & out to the internet.
On the switch I have the guest ports and trunk port in a Private VLAN with port isolation on for the guest ports (but not the trunk port). This stops wired guest to wired guest traffic but the router can still be reached.
The problem is WiFi guests can see all wired guests and wired guests can see all WiFi guests. The only way I have found to stop that is to check member isolation for the trunk port in the private VLAN on the switch. But if I do that the wired clients cannot reach the router & internet.
How can I stop the router routing between the trunk port (P1) and Wifi for this VLAN?
Thanks in advance.
Has anyone succeeded in making a mixed wired and wireless guest network? I'm failing so far
I have 3 VLANs trunked between my G2260 switch & 2862ac router, one of which is to be my guest network.
On the router guest SSIDs I have member isolation checked, this stops WiFi to WiFi client traffic but guests can reach the router & out to the internet.
On the switch I have the guest ports and trunk port in a Private VLAN with port isolation on for the guest ports (but not the trunk port). This stops wired guest to wired guest traffic but the router can still be reached.
The problem is WiFi guests can see all wired guests and wired guests can see all WiFi guests. The only way I have found to stop that is to check member isolation for the trunk port in the private VLAN on the switch. But if I do that the wired clients cannot reach the router & internet.
How can I stop the router routing between the trunk port (P1) and Wifi for this VLAN?
Thanks in advance.
Please Log in or Create an account to join the conversation.
- hornbyp
- Offline
- Big Contributor
Less
More
- Posts: 1323
- Thank you received: 0
04 Oct 2020 16:51 #97352
by hornbyp
Use different VLANs for wired and wireless guests?
Replied by hornbyp on topic Re: Guest network client isolation - mixed wired & wireless
PlayerOne wrote:
How can I stop the router routing between the trunk port (P1) and Wifi for this VLAN?
Use different VLANs for wired and wireless guests?
Please Log in or Create an account to join the conversation.
- playerone
- Topic Author
- Offline
- Banned
Less
More
- Posts: 9
- Thank you received: 0
04 Oct 2020 17:26 #97353
by playerone
Replied by playerone on topic Re: Guest network client isolation - mixed wired & wireless
That's my thinking too if nothing better turns up. Allegedly (unconfirmed) Asus routers have a checkbox to extend client isolation to hard ports, hope is fading that it's there somewhere yet to be found in DrayTek.
Bit of a PITA having yet another subnet & VLAN to manage. I lied in my first post for simplicity, I'm actually up to 5 VLANs which already feels faintly ridiculous for a home office environment.
Oh well, keeps the grey cells from rusting
Thanks hornbyp
Bit of a PITA having yet another subnet & VLAN to manage. I lied in my first post for simplicity, I'm actually up to 5 VLANs which already feels faintly ridiculous for a home office environment.
Oh well, keeps the grey cells from rusting
Thanks hornbyp
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek