Empassant18
Occasional Visitor
Hey Folks,
I have been doing lots of research and know about the following threads on this topic, however, I am wondering if there who has figured this out recently. I got a good start by following these threads:
Guest Wireless in Access Point Mode
Using VLANs for a 2nd Access Point with home & guest wifi
I posted this problem in another forum and I hope you can help me solve it.
I am trying to block wireless guest access on my access point (I have two Asus routers - one in router mode and one in AP mode. I have guest access on each but the AP was allowing access to the LAN. I fixed that by implementing the following in my "services-start" script.
However, I can still access the IP addresses of the router and the AP from the guest, but everything else on the LAN is blocked. Here is the code I am using in the script. Please tell me what I should add to block access to the router and access point:
--------------
#!/bin/sh
#nvram commit
killall eapd
eapd
#enable wifi guest isolation (for wifi clients only, not lan)
wl -i wl0.1 ap_isolate 1
#block lan access to/from wifi guests
ebtables -I FORWARD 1 -d Broadcast -j ACCEPT
ebtables -I FORWARD 1 -s XX:XX:XX:XX:XX:XX -j ACCEPT
ebtables -I FORWARD 1 -d XX:XX:XX:XX:XX:XX -j ACCEPT
ebtables -I FORWARD 4 -i wl0.1 -j DROP
ebtables -I FORWARD 4 -o wl0.1 -j DROP
#start of entware loading
RC='/opt/etc/init.d/rc.unslung'
i=30
until [ -x "$RC" ] ; do
i=$(($i-1))
if [ "$i" -lt 1 ] ; then
logger "Could not start Entware"
exit
fi
sleep 1
done
$RC start
---------------
Where XX:XX:XX:XX:XX:XX is the MAC of the main router's LAN bro.
Please assist and thanks in advance. Any ideas?
I have been doing lots of research and know about the following threads on this topic, however, I am wondering if there who has figured this out recently. I got a good start by following these threads:
Guest Wireless in Access Point Mode
Using VLANs for a 2nd Access Point with home & guest wifi
I posted this problem in another forum and I hope you can help me solve it.
I am trying to block wireless guest access on my access point (I have two Asus routers - one in router mode and one in AP mode. I have guest access on each but the AP was allowing access to the LAN. I fixed that by implementing the following in my "services-start" script.
However, I can still access the IP addresses of the router and the AP from the guest, but everything else on the LAN is blocked. Here is the code I am using in the script. Please tell me what I should add to block access to the router and access point:
--------------
#!/bin/sh
#nvram commit
killall eapd
eapd
#enable wifi guest isolation (for wifi clients only, not lan)
wl -i wl0.1 ap_isolate 1
#block lan access to/from wifi guests
ebtables -I FORWARD 1 -d Broadcast -j ACCEPT
ebtables -I FORWARD 1 -s XX:XX:XX:XX:XX:XX -j ACCEPT
ebtables -I FORWARD 1 -d XX:XX:XX:XX:XX:XX -j ACCEPT
ebtables -I FORWARD 4 -i wl0.1 -j DROP
ebtables -I FORWARD 4 -o wl0.1 -j DROP
#start of entware loading
RC='/opt/etc/init.d/rc.unslung'
i=30
until [ -x "$RC" ] ; do
i=$(($i-1))
if [ "$i" -lt 1 ] ; then
logger "Could not start Entware"
exit
fi
sleep 1
done
$RC start
---------------
Where XX:XX:XX:XX:XX:XX is the MAC of the main router's LAN bro.
Please assist and thanks in advance. Any ideas?