I’ve spent several hours searching and reading through these forums, and other’s I’ve found online, but can’t find what I’m looking for. I’ve tried several examples on my own as well and it didn’t work.
I have 3 VirtualAPs set up on my router. 1 is a hotspot, the other two are wireless networks for two different companies in the same building.
I was successfully able to setup the hotspot with no problem. Using firewall rules, I was able to block traffic to the other two APs.
My other two VirtualAPs are:
GTS - 192.168.2.1
WP - 192.168.3.1
They both have their own DHCP servers as well. They can get online and everything as far as internet access is ok.
I’m trying to keep GTS from communicating with WP. I added a drop rule in the firewall and it didn’t work.
For example, for GTS in the firewall I did:
Forward
Source as 192.168.2.0/24
Destination as 192.168.3.0/24
and chose to drop.
For whatever reason, it’s not dropping. When I’m on GTS I can ping anything on WPs network.
Any clue as to why the firewall rule isn’t working? I’m overlooking something…
Thanks for any help/feedback. I really appreciate it.
If the firewall rule isn’t working, the chances are it’s because either you specified the rule incorrectly or the traffic is not being routed through the RB. Please can you post output of the following commands:
I am also having this issue. The firewall rules are being ignored.
I have the rb2011 Mikrotik.
ether1 = WAN = 10.0.0.99/24
ether2 = LAN/WLAN1 = 10.0.10.0/24
WLAN2 = virtual AP = 10.0.5.0/24
dhcp1 = bridge-local
dhcp2 = wlan2
hotspot1 Interface = wlan2
I don’t want the hotspot clients to access 10.0.10.1 login page of the router, and I don’t want the hotspot clients to access any of the 10.0.10.1 LAN/WLAN1
I only want hotspot clients to reach the internet, not internal LAN. And hotspot clients should not be able to see other hotspot clients devices.