What's new

Prevent Guest Router from Accessing main subnet

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

dvaz

Occasional Visitor
I have a spare router acting as guest hot spot, with its own dhcp server. Its connected to the main router via its WAN port, so it gets its IP from the main Asus router. Reason for this vs enabling guest network is because I can set QoS priority on all guests just using the second routers IP instead of one by one.

Lets say Asus router ip: 192.168.1.1
Guest router: 10.0.1.1 ( 192.168.1.200 is the WAN IP )
Guest router is running its own dchp server.
What do i need to do to prevent clients from the guest from accessing the main LAN?
I would assume i would need an IPtables script to drop all connections coming from 192.168.1.200?
 
...,,.

I would assume i would need an IPtables script to drop all connections coming from 192.168.1.200?

Would that not effectively disconnect your guest router? Would you not want to drop all connections to any address in the range 192.168.1.2 to 192.168.1.255?
 
Would that not effectively disconnect your guest router? Would you not want to drop all connections to any address in the range 192.168.1.2 to 192.168.1.255?

Yeah my bad wasnt clear. I think the way to do it would be dropping all packets coming from 192.168.1.200 to the local lan.
 
Ok, thanks. I'm a total novice at this, so I'm keen to follow where you get to with it - not that I plan to mess with iptables, but I'd like to understand more about it, just in case.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top