1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Blocking mulitcast from lan to wlan

Discussion in 'Tomato Firmware' started by jonaseg, Aug 11, 2009.

  1. jonaseg

    jonaseg Addicted to LI Member

    I have this situation:
    I have a media-pc and a TV decoder. These are connected to different ports in the ONT(Optical Network Terminal), as my ISP use some vlaning or something to separate internet and multicasted IPTV.
    Instead of "splitting" the network cable(using two pairs for each connection) i decided to wire this as shown in the illustration underneath.
    Doing this everything using cables works as intended, but I think the multicast "overloads" the wlan, causing all wireless devices to be unable to reach anything.

    [​IMG]

    Is it possible to block mulitcast from going to the wlan? Or to refuse port 1 to "talk" to any other port than 3? Or any other solution you may have.


    I am currently using Tomato firmware running on a WRT54G v.2(or 2.2, I don't remember).
     
  2. bogderpirat

    bogderpirat Network Guru Member

  3. jonaseg

    jonaseg Addicted to LI Member

    Ah, that seems to have done the trick!
    I guess I can not expect to communicate with a device on wlan when on lan and the opposite?

    Thank you very much!
     
  4. bogderpirat

    bogderpirat Network Guru Member

    of course you can. iptables rules to allow traffic between the two bridges/subnets are all there. the only thing that doesn't work is multicast between the two network segments; for one part that applies to iptv-data, for the other part things like the automatic discoveries of other windows boxes in the network won't work probably.

    from one net segment (i.e. .0.x) however, you can access the other (i.e. .1.x) and vice versa - try it with ping
     
  5. jonaseg

    jonaseg Addicted to LI Member

    Hmm, I could not at my fist attempt at least, but I will try once more.. Could not use windows' filesharingthingy at least.

    Do you think you can send me your config? Anonymizing it first of course.

    Edit:
    Okay, everything except windows shares seems to work. Http works between wlan and lan, while I can not get the windows-shares to work properly.
    But as I am sharing a printer and some files over windows share, I would like to have that working too.
     
  6. bogderpirat

    bogderpirat Network Guru Member

    have you tried accessing the shares directly via ip?
    like write "\\192.168.0.23\" into the windows explorer address bar?
     
  7. RonWessels

    RonWessels Network Guru Member

    If you try to use Windows file and printer sharing across subnets, you will have to modify the scope of the exception in the Windows Firewall. The default scope is "Subnet", which will not be satisfied across subnets. Or, of course, you could just disable Windows Firewall.
     
  8. jonaseg

    jonaseg Addicted to LI Member

    That worked like a charm!

    Thank you guys for helping me out.
     

Share This Page