Hi all.
Some users are connected via radio to an access point (all mikrotik).
All users became to a bridge in the access point.
In the AP I have a dhcp server giving an ip to all users.
For some reasons, one user have a dhcp server active in the interface connected to the AP bridge.
How could I isolate users each other at L2 in the bridge to avoid this ?
If I give Horizon=1 to the wlan1 in the bridge this mean all users connected to wlan1 cannot communicate al L2 each other ?
If yes, the problem is I have some users connecting in station-wds creating each one a new interface dinamically inserted in the bridge. This dynamic interfaces fall in the same horizon of the parent interface ?
The horizon option in the bridge says that any traffic coming in on a port cannot leave through another port with the same horizon value, so in essence yes it is doing client isolation over the bridge itself. I’m not sure if sub interfaces will inherit the horizon value of the parent interface, since it’s a setting you put on for each interface in the bridge yourself.
Don’t forget to turn off default forwarding on your wireless interfaces as well to prevent clients from talking to each other over the wireless radio.