What's new
By:

isolating devices

D

davidr83

New Around Here
Hello,

Is it possible to isolate devices connected to the same interface on the router? So that they can talk to the internet, but not each other? I tried with iptables, but it looks like this didn't have any effect on the packets within the same subnet.

Thanks!
David
 
The simplest method might be to utilize the Guest Network feature and set the guest network for Internet only and no intranet connectivity.
 
In addition to guest network suggestion, you might have to turn on AP isolation too. I've never tested it, so am just speculating.
 
cool, thank you both for the suggestions. i thought the guest network stuff only worked for clients connected to wifi. is it possible to use it with wired clients too ?
 
The guest network solution will only work for WiFi connections.

Using SOHO type equipment and wanting isolation, my next recommendation is that you double NAT routers with each router having its own subnet. Use your ASUS as the primary router and depending on the speed that you need use less expensive routers for you secondary router. Even inexpensive old 54Gs should be able to handle up to 40Mbps download speeds using an Ethernet connection.

If you want maximum speed then consider a name brand router with Gigabyte LAN ports. Since WiFi isn't a consideration no need to go overboard with dual band radios, AC, etc.

You might also want to look at the feature set of DD-WRT. I haven't experimented with it recently, but if any firmware would have the isolation feature it might be DD-WRT. If it will work for you is another question because my experience with DD-WRT is that while a feature my exist in DD-WRT it doesn't always work on every router.
 
Ethernet clients cannot be isolated, since all the traffic goes through a switch and not through the TCP/IP stack/Netfilter subsystems.
 
You must log in or register to reply here.

Similar threads

S
Which Merlin-capable routers can do this type of VLAN?
Replies
9
Views
2K
StR
S
L
strange problem router not passing packets when connect via secondary access points
Replies
2
Views
272
lgkahn
L
R
Can't ping Printer when Devices are on different AP's
Replies
7
Views
740
Rando
R
L
RT-BE88U - Inter-VLAN ACLs using Merlin?
Replies
5
Views
1K
Laggiter
L
I
RT-BE92U and WireGuard Server
Replies
0
Views
282
Intelectronic
I
Similar threads
Thread starter Title Forum Replies Date
D RT-AX58U with RT-AC68U AiMesh node - all devices dropping from all networks regularly Asuswrt-Merlin 17
J IoT Devices falling off nodes (only) always requires reboot to fix Asuswrt-Merlin 24
M Update Merlin website to show which devices are compatible with Merlin 388 and 3006? Asuswrt-Merlin 3
M BE98 Guest Network blocks all devices on LAN ports being able to interact Asuswrt-Merlin 2
R Can't ping Printer when Devices are on different AP's Asuswrt-Merlin 7
visortgw Merlin 3004_388.10_alpha1 (now 3004_388.10_alpha2 for most devices) Asuswrt-Merlin 120
M Cannot access blocked devices over VPN Asuswrt-Merlin 0
B Regular monitoring of devices connected to the router: Asuswrt-Merlin 17
W IPv6 Routing Rules Not Working to Redirect Local Devices Via Wireguard VPN Clients Asuswrt-Merlin 9
Zakalwe Disallow OVPN clients on asuswrt-merlin from accessing ANY LAN devices, but allow WAN? Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,824 (members: 12, guests: 1,812)
Back
Top