Client isolation within Guest-WLAN possible?

Discussion in 'Tomato Firmware' started by philess, Apr 4, 2013.

  1. philess

    philess Networkin' Nut Member

    Hey guys,

    is it possible to isolate multiple clients within a (virtual wifi by vlan) from each other?

    Usage would be something like a small hotel, providing internet access to their guests,
    but i want to block all guests from accessing each other (eg. SMB services etc).

    The "AP isolation" GUI option supposedly does that but afaik it doesnt really work.
    Should be possible through iptables rules, right?
  2. gfunkdave

    gfunkdave LI Guru Member

    If the AP Isolation feature doesn't work, then I don't think it can be done. iptables only works for routed connections. Since wireless clients are all on the same LAN segment, no routing is involved. I bet some enterprise wireless equipment could do it, but this is beyond Tomato's capabilities.
    philess likes this.
  3. lancethepants

    lancethepants Network Guru Member

    That's why it's always recommended to use a VPN or some other tunneling protocol when on Public Wifi.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice