Transparent switch with firewall. How to implement?

D

defrel2017-02-19 20:52:17

Computer networks

defrel, 2017-02-19 20:52:17

Hello people!
Tell me, please, how to implement, or poke where to read, the question is probably simple.
In general, you need to configure the device (router, managed switch, it doesn't matter) in transparent mode between Wi-Fi clients (1 ssid) and local DHCP.
Available:
-On the one hand, several WiFi points in AP mode.
-On the other hand, a router with DHCP for WiFi clients, and wan to the Internet, NAT is enabled.
You need to put the device between these two parts so that WiFi clients do not see it (they only see the DHCP router), but at the same time, the device must be able to configure rules for all or a specific client by mac (deny / allow ports, possibly deny access to some url, control arp, and disable local traffic between clients). On the device, let's say, there are several ports, 1 to the router, the rest to WiFi points.
Interested in the name of such a system, in the first place, and what methods (in short) it can be solved. I apologize for the somewhat chaotic description, I, unfortunately, am not an expert in this area. Thanks in advance to those who answer)

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

A

Armenian Radio, 2017-02-19
@defrel

There is no such device (solving all your tasks).
Traffic isolation between clients is possible either using personal tunnels or using special access points with a controller.

K

Konstantin Stepanov, 2017-02-19
@koronabora

Take a router on openwrt, output a port or several to a separate vlan, make a separate zone for the firewall and work with it.

R

Ruslan Fedoseev, 2017-02-19
@martin74ua

and what prevents all this from being implemented on the router? for maximum flexibility, take either Mikrotik or OpenWrt

H

huko, 2017-02-20
@huko

You can put the same Mikrotik in the gap, set up a bridge + bridge filter rule.
A more advanced option is linux + ebtables.