1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

how to block LAN communication?

Discussion in 'Tomato Firmware' started by SiLeK, Feb 6, 2007.

  1. SiLeK

    SiLeK Network Guru Member

    I need to block ALL communications between i.e. Computer1 and Computer2 on LAN. Both should have internet access, but should not see each other.
    Is it possible?

    Anybody can set this with i.e. iptables?

    I have WRT54G + Tomato 1.01
     
  2. GhaladReam

    GhaladReam Network Guru Member

    Are you wired or Wireless?

    If you're wireless, there's an option called AP Isolation in the Advanced-->Wireless menu in Tomato. If you turn it on, all wireless clients will be completely isolated from eachother, not able to see that the other one is even there.
     
  3. roadkill

    roadkill Super Moderator Staff Member Member

    you can filter the ports so computers would be unable to contact each other
     
  4. SiLeK

    SiLeK Network Guru Member

    Wired. AP Isolation is not an option.

    What exactly ports? Are they wont see each other on network neighborhood?
     
  5. roadkill

    roadkill Super Moderator Staff Member Member

  6. u3gyxap

    u3gyxap Network Guru Member

    iptables has nothing to do here.
    You can do that _only_ if the computers are both connected in different ports on the WRT54G, say 1 and 2.
    You need to create a separate VLAN for one of them. This way they will be separated, as they were connected in different networks. You can you this as a guideline:
    http://forum.openwrt.org/viewtopic.php?id=1154
    It's for a different firmware, but it is applicable.
     
  7. roadkill

    roadkill Super Moderator Staff Member Member

    absolutely right VLANs are far better idea
    :biggrin:
     

Share This Page