1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Deny local traffic for wireless clients?

Discussion in 'Cisco/Linksys Wireless Routers' started by Gusi, Nov 23, 2004.

  1. Gusi

    Gusi Network Guru Member

    Hi!
    I have a WRT54G 2.0 and I would like to allow wireless clients to connect to the Internet, but not to see my local network (wired computers to the Linksys).
    I've tried with the access policies, denying the Netbios ports, but I realized it is only denying the outgoing requests (to Internet) but not between clients.
    It's possible to do this? I need an unofficial firmware like Alchemy o HyperWRT to do this?

    Thanks in advance,

    GUSi.
     
  2. Esquire

    Esquire Mesquire Staff Member Member

    Are you running a firewall on your wired clients?
     
  3. Gusi

    Gusi Network Guru Member

    No, because all my local network is trusted and don't have DMZ enabled in the router.
    Of course with a firewall in the wired clients it could be easily done, but I'd prefer to use the linksys capabilities if possible.
     
  4. Guyfromhe

    Guyfromhe Network Guru Member

    if you install custom firmware on your router you can implement firewall rules directly on the router.. I have a setup exacly the way you want to set yours up except I have firewalls on my internal systems, this is just an extra precaution..

    WLan clients can access the internet but don't have access to anything on the lan except a couple select services... i've also limisted the ip range that can be used... You can't really do this with normal firmware... i'm sure you can do this with just aout any custom firmware but i've only every done it with wifi-box if you need a walkthrough drop me an e-mail jared-j a-t xl0.org and we can talk about exactly what you need to do to set it up.. please inlcude your lan ip range/subnet and your routers ip in the e-mail and i'll try to help you get it setup.
     
  5. Gusi

    Gusi Network Guru Member

    Thanks a lot for the reply, Guyfromhe.
    That's good news!
    Only one more question. What kind of firewall implements wifibox? Ipchains or similar? Has to be configured from telnet or it has a web page?
    I ask you these because I haven't played with any unofficial firmware, and I'd like to know which is the best stable and simple to use of the three (wifibox, hyperwrt, sveasoft) before flashing if possible.

    Thanks again!
     
  6. Guyfromhe

    Guyfromhe Network Guru Member

    wifibox uses iptables....
    i think sveasoft uses smoothwall unless they've changed it or I misread the info...
    they all have web interfaces but I think you have to confgure specific rules in telnet on all of them...
    with wifibox you can put the rules into the startup script or load a ruleset from a webserver on your lan or elsewhere if you want I don't kno whow to do it with sveasoft, i've only used it once... I like the web interface of wifibox better, but sveasoft has more features, I personally chose to run wifibox though it's really up to you...maybe some sveasoft users can comment on setting this up under sveasoft, like I said if you need help with anything left me know.
     

Share This Page