Guest isolation on mesh node when in access point mode


New Around Here
I just bought 2 ASUS ZenWiFi AX6600 routers which are running the up-to-date stock firmware and are in access point mode. I have been able to get guest isolation (blocking access to the local network) working on the primary access point with
ebtables -t broute -A BROUTING -i wl1.1 -p IPv4 --ip-dst -j DROP

I am wanting to also get guest networks working the same way with my mesh nodes. Unfortunately, this seems to be a rather new feature (the Guest Network “Sync to AiMesh Node”), so there isn't much information on it that I can find.

The mesh node is connected to the primary node via the secondary 5ghz channel, so I think the rule has to do something with that routing. I tried adding all of the following to the mesh node, but none of them worked.

ebtables -t broute -A BROUTING -i wl1.1 -p IPv4 --ip-dst -j DROP
ebtables -A FORWARD -i wl1.1 -p IPv4 --ip-dst -j DROP
ebtables -A INPUT -i wl1.1 -p IPv4 --ip-dst -j DROP

Any thoughts on how I might make this possible?


Very Senior Member
That is one of the things I like about my eero pro units, even in their Bridge (AP) mode they can separate the Guest network across all nodes. I was never able to do that with any of the Asus wifi routers I had.
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!