I have RB2011UAS-RM router and UniFi AP for wireless connection, with 2 VLAN’s for Guest and Intranet network.
When client one time connected to Intranet I want to automatically block the client to be connected to Guest network and inversely!
How do I do this?
Use filters in the forward chain in IP Firewall.
More detail…
Router:
VLAN1 on eth3, DHCP server 192.168.0.0/24
VLAN2 on eth3, DHCP server 10.10.10.0/24
UniFi AP just decide where to send client:
VLAN1 WiFi Intranet
VLAN2 WiFi Guest
Still when client connect to Intranet he gets IP address eg. 192.168.0.101.
When connects to Guest he gets IP address eg. 10.10.10.126
I want to permit client connection, when client connected one time to Guest, blocking connection to Intranet and vice versa.
I changed client IP to static, and server to all, but he also gets IP from Guest from subnet 10.10.10.x…
How can i solve it?
Do you mean that you want some part of the connection to remember that a client had previously connected and only allow it to connect to the same network (Guest or Intranet) thereafter?