Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
Nikita Melikhov2014-11-02 22:07:55
linux
Nikita Melikhov, 2014-11-02 22:07:55

Guest WiFi - access restriction?

Hello. Here the question is a little noobish, but my head doesn’t want to work anymore, I decided to seek advice.
There is a network - Internet - > Mikrotik with the address 10.0.5.1/28 -> dlink-615 router with openwrt with the address 10.0.5.14/28, configured just as an access point. Server (AD, Samba, XBMC, etc...) with address 10.0.5.10/28 (for example). Also, Mikrotik keeps several tunnels for work, a total of about 15 routes to different subnets, set it up on sick leave, and left it.
Out of kindness, I decided to raise a guest network for friends' neighbors, who come to visit very often and in large quantities, there are not enough addresses for everyone, and I'm sick of adding poppies to DHCP.
Created wifi - interface without password "Guest_51", assigned address 172.14.1.1/24, DHCP server, natified interface on lan,
The problem is that from this network there should not be access either to my network or to working subnets, only access to the Internet.
I see 2 solutions:
1) Create a vlan on Mikrotik, vlan on a long one, a wifi interface in a bridge with a vlan
2) Destroy a firewall
Advise how this can be done?
UPD: I am attaching a clumsy network map
4f03219326254c3f8abcc05a51e068d9.jpg

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
S
Stanislav Somov, 2014-11-03
@DarkDemon

In pictures on openwrt in 5 minutes wiki.openwrt.org/doc/recipes/guest-wlan-webinterface
via configs wiki.openwrt.org/doc/recipes/guest-wlan
in pictures in Russian https://docs.google.com /document/d/1HGJqoD4zdtkk-C...

Report
K
Kirill 1, 2014-11-03
@SmileyK

Mikrotik initially routes networks between themselves .... c56933d24da04d7d87a0f472ef579d70.pngsomething like this to do if? suit?

Report
C
Cool Admin, 2014-11-04
@ifaustrue

The rule needs to be created only on dlink. Above the level, you no longer have the same addressing that is used in your guest network and Mikrotik will not see it.
Alas, I do not know the possibilities of wrt'shki to offer an alternative.

Report
X
xjunkiex, 2015-01-06
@xjunkiex

it's called wifi isolation
wiki.openwrt.org/doc/uci/wireless
Name Type Required Default Description
isolate boolean no 0 Isolate wireless clients from each other, only applicable in ap mode. May not be supported in the original Backfire release for mac80211

Similar questions
R
Roman2017-08-16 16:14:51
Yes, what's the problem? 4Reply
V
Vadim2019-12-14 20:14:34
How to create an admin for a PostgreSQL database using the command line? 1Reply
N
noevekshen2019-12-15 23:02:42
Creating a linux distribution? 1Reply
S
Sergey Mavrin2015-08-11 13:25:03
How to automatically set rights for a group on newly created files? 2Reply
A
AlizonJohn2017-07-18 16:13:50
What is the difference between SSH and reverse SSH and how to use them in a home router? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question