I have done a lot of reading on this issue on the compuserves. Much of the most useful info is from this group (SNB). So I joined. My setup is a ASUS RT-AC86U router. My main LAN is 192.168.0.1 which has my ethernet connected desktops and a Linux server (in the same room). I want to to set up a wireless "Guest" network that cannot see the desktops and server but can access the printer (Brother MFC-J825DW) on 192.168.0.9 which is wireless on the main SSID. I have researched multiple path to this end and they include...
- Set up guest network in router with LAN access disabled. This sets up a new subnet 192.168.101.0/24. So no access to the desktops and the server but also no access to the printer. I then tried static routing and firewall rules (network services filter) native to the router to allow access to the printer but could not get that to work. Is it possible to get this to work? I may just be missing some key elements on the setup.
- Set up guest network in router with LAN access enabled. Now printer worked, but I soon found out you cannot firewall filter in the same subnet to prevent access to the desktops/server
- I have read a little about iptables and such. Is this inclusive of the native firewall rule or takes the place of them?
- I am not opposed to buying a smart switch and setting up a VLAN, but would first like to know how to do it otherwise with the devices I have..
I would like to know the easiest way to do this as well as any other more complex ways that might work as I am trying to learn this stuff. I would also like to know how to interpret the routing table, particularly the Flags and Iface. The pic below shows the routing table for the guest network subnet when LAN access is disabled
- Set up guest network in router with LAN access disabled. This sets up a new subnet 192.168.101.0/24. So no access to the desktops and the server but also no access to the printer. I then tried static routing and firewall rules (network services filter) native to the router to allow access to the printer but could not get that to work. Is it possible to get this to work? I may just be missing some key elements on the setup.
- Set up guest network in router with LAN access enabled. Now printer worked, but I soon found out you cannot firewall filter in the same subnet to prevent access to the desktops/server
- I have read a little about iptables and such. Is this inclusive of the native firewall rule or takes the place of them?
- I am not opposed to buying a smart switch and setting up a VLAN, but would first like to know how to do it otherwise with the devices I have..
I would like to know the easiest way to do this as well as any other more complex ways that might work as I am trying to learn this stuff. I would also like to know how to interpret the routing table, particularly the Flags and Iface. The pic below shows the routing table for the guest network subnet when LAN access is disabled