Good afternoon,
I would like to know how to implement client isolation in our setup. We are a FISP and provide RB2011 devices to our business circuits. Each customer is using port 1 of their device which is bridged to our data VLAN. All the customers are on the same subnet. Because of that, if a customer clicks on “Network discovery” on their PC, they can see other business customers devices and equipment. How do we isolate each client when they are bridged on the same network?
Thank you.
Something is wrong with your business choices…
Like the choice of the network administrator,
that hasn’t thought about isolating the LAN of their customers, at the start of the business…
Probably other forum members could criticize even more…
Hire some MikroTik consultant to close all security holes on your “network”…
https://mikrotik.com/consultants/northamerica/usa
I know it’s bad. I’m taking over this network. I’m just trying to fix it.
My advice is serious, I don’t think that by asking for help here on the forum we can have a complete picture of all the criticalities of the network.
I myself am in trouble, I would try to start putting the same horizon on all the client ports in the bridge. (same horizon = no traffic allowed between same horizon ports)
But I don’t know how the rest is configured …