What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

RT-BE96U - Blocking WAN while maintaining LAN on Guest Network Pro/VLAN

V

vector01

New Around Here
Hi everyone I'm new here. Relatively new to home networking. I have a RT-BE96U running ASUS firmware version: 3.0.0.6.102_37849.

I have 3 Tapo/TP-Link Wi-Fi cameras on a guest network pro SSID/VLAN (not on main subnet). I want to be able to access via LAN, but I don't want them connected to Tapo's cloud/WAN. If I block their internet in the ASUS router app, they lose LAN connection. I have them on static IPs and tried to use Network Services Filter in the firewall settings, but it didn't work.

Can this be achieved with the ASUS firmware?

If not, I'm open to potentially exploring trying Merlin, but would like some guides on how to do it if there are any.
 
vector01 said:
I have 3 Tapo/TP-Link Wi-Fi cameras on a guest network pro SSID/VLAN (not on main subnet). I want to be able to access via LAN, but I don't want them connected to Tapo's cloud/WAN. If I block their internet in the ASUS router app, they lose LAN connection. I have them on static IPs and tried to use Network Services Filter in the firewall settings, but it didn't work.

Can this be achieved with the ASUS firmware?
Click to expand...

Do the cameras lose their local network connection... or, is a camera app no longer able to access the cameras because they are designed to be accessed by way of their Internet cloud account, locally or remotely from anywhere?

Are the camera static IPs assigned by the router, or by you manually on each camera?

OE
 
vector01 said:
I have 3 Tapo/TP-Link Wi-Fi cameras on a guest network pro SSID/VLAN (not on main subnet). I want to be able to access via LAN, but I don't want them connected to Tapo's cloud/WAN.
Click to expand...
If you want the cameras to access the main LAN clients, why bother putting them onto a Guest Network? Why not just put them on the main LAN WiFi, then use the Parental Controls bock internet option (or Network Map, client block internet option).

vector01 said:
Can this be achieved with the ASUS firmware?

If not, I'm open to potentially exploring trying Merlin, but would like some guides on how to do it if there are any.
Click to expand...
Do a search of the Asus forums here and you'll find numerous people over several discussions having similar wishes/issues. Wanting to block WAN access to Guest Network Pro clients while having access to local network main LAN clients. The Guest Network Pro Access Intranet feature is hit or miss, either works or it it doesn't. Some are resorting to using iptables scripting in a firewall-start file to block WAN access to Guest Network Pro clients and also allowing access to local network LAN clients.

Some past discussions...
www.snbforums.com

RT-AX86U Pro - Restrict IoT Network

Is there a way to disable Internet access for the IoT Network in the "Guest Network Pro"? I use the default Asus Firmware 3.0.0.6.102.
www.snbforums.com www.snbforums.com
www.snbforums.com

RT-AX88U Pro Blocking Internet Access

I'd like to block Internet access to some devices connected to the IoT network and Guest network. I am not able to block Internet access to the devices connected to the IoT networks or any network that is not setup to use the main network. Even when using the MAC address in Parental Controls...
www.snbforums.com www.snbforums.com
www.snbforums.com

RT-AX88U Pro - Blocked Internet Access on Guest Network Not Working!

I setup a Guest Network and linked it to a network port for a Blue Iris Camera setup. All that's here is a server, wired POE cameras, and wireless cameras. I want the server to have full internet access but all other devices blocked as I don't want the cameras to have the ability to "phone...
www.snbforums.com www.snbforums.com

Example iptables scripting with a firewall-start file at this post:
https://www.snbforums.com/threads/t...st-network-pro-limitations.94438/#post-952345
One may have to do some experimenting ,and searching of this forum to find past script examples, to get things to work right for their use case.

To use a firewall-start script file one will need to move to using Asus-Merlin firmware. Some have gone back to the 3004.388.x firmware on their 3006.102.x firmware supported routers in order to regain usage of YazFi to accomplish the blocking of internet while allowing main LAN access for Guest Network clients. YazFi is not supported under 3006.102.x firmware.
 
You must log in or register to reply here.

Similar threads

S
Guest network pro while in AP mode and VLAN setup?
Replies
0
Views
394
snovvman
S
B
Tutorial Pi-Hole for both LAN clients and Guest Network (VLAN) clients
Replies
0
Views
170
bbunge
B
GamerKingFaiz
[Guest Network Pro] Access device on guest network from main network
Replies
3
Views
432
bennor
B
D
Guest Network Pro issues on AX86U Pro
Replies
4
Views
393
bennor
B
J
Asus RT-BE96U limited to ~100mbps after 3-5+ days (local area network testing only, no Internet)
Replies
4
Views
626
degrub
D
Similar threads
Thread starter Title Forum Replies Date
S Slow 2.4ghz AXE-11000, Upgrade to RT-BE96U? ASUS Wi-Fi 9
J Asus BE96U slowness (< 150mbps) ASUS Wi-Fi 2
Find the Door Upgraded from GT AX6000 to BE96U ASUS Wi-Fi 2
W Asus BE96U Initial setup ASUS Wi-Fi 2
R Time based parental controls without entirely blocking device ASUS Wi-Fi 2
O ASUS AIMESH issues and dual wan ASUS Wi-Fi 5
0 Asus XT9 WAN question ASUS Wi-Fi 3
128bit education: DNS-WAN vs DNS-LAN ASUS Wi-Fi 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 837 (members: 15, guests: 822)
Back
Top