In the access list of my AP I can see that I have clients set to forward ‘yes’. I have one client that says ‘no’ in the column. I have checked wireless - interface - wireless and the ‘default forward’ box, but it is grayed out ‘yes’ on the clients (it is checked in the AP). The client in question also has ‘default forwarding’ but grayed out. Why do I see it as ‘no’ in the AP access list?
I am unsure of this configuration. I thought that I should have disabled default forward on the clients to keep them from being able to see each other in a bridged network. (I know, I know, I’m working on routing it.)
Can someone clarify this setting and make a recommendation on how its setting might affect me?
Default forwarding means that clients cannot talk to each other over the wireless interface itself; this, however, does not apply to all modes the radio card can be in. These “default” settings can be overwritten when making an access list for a specific client on the radio.
So with default forwarding off, or unchecked, at the client the clients will not be able to see each other but will still be able to communicate upstream?
I’d like to try it but don’t want to lose access to a radio in the field by ‘button pressing’.
Correct. It just prevents clients that are connected to the same radio from sending packets to each other over the wireless card itself. This doesn’t remove the ability to talk to other devices/clients on the network that are not connected to the same radio.
OK, so I can turn off forwarding on the client and that prevents that client from forwarding packets to other clients on that radio but will not keep it from forwarding packets through the switch and out to the bh.
If I turn off forwarding in the AP then I would kill the link, as the AP would no longer allow forwarding from a client through the bh as long as that bh is connected to the same radio.
Two examples: (A 433 board with a 5 GHz bh and 900 MHz AP: turn off forwarding on the AP and all will still work, as the bh is a separate radio.) On the other hand, (if I had one AP with clients connected but one of those clients is acting as the bh on that same radio, then disabling forwarding will kill the link.)
I think I’m clear now. It just helped for me to type out my scenarios.
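The two scenarios above, plus the per-client access-list override mentioned earlier in the thread, as an added example that is not from any participant in this thread. It is a simplified model, not device code: it assumes the sender's effective forwarding value decides station-to-station delivery on one radio and that an access-list entry overrides the default; the `Radio` class and the MAC addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample MACs (locally administered range), not real devices.
CUST_A, CUST_B, BH = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:ff"

@dataclass
class Radio:
    """One wireless interface in AP mode (hypothetical, simplified model)."""
    default_forwarding: bool = True
    access_list: dict = field(default_factory=dict)  # MAC -> forwarding override
    stations: set = field(default_factory=set)       # MACs registered on this radio

    def forwarding_for(self, mac):
        # Assumption: a per-client access-list entry wins over the interface default.
        return self.access_list.get(mac, self.default_forwarding)

    def delivers(self, src, dst):
        """True if this setting lets a frame from station src reach dst."""
        if src in self.stations and dst in self.stations:
            # Station-to-station over the same radio: governed by the sender's flag.
            return self.forwarding_for(src)
        # dst sits behind ethernet, the bridge or another radio: not affected here.
        return True

def separate_backhaul_radio():
    # Customers on one radio, backhaul on a different radio of the same board.
    ap = Radio(default_forwarding=False, stations={CUST_A, CUST_B})
    return ap.delivers(CUST_A, CUST_B), ap.delivers(CUST_A, BH)

def backhaul_on_same_radio():
    # The backhaul is itself a station on the customer-facing radio.
    ap = Radio(default_forwarding=False, stations={CUST_A, CUST_B, BH})
    return ap.delivers(CUST_A, CUST_B), ap.delivers(CUST_A, BH)

def one_client_overridden():
    # Default is yes, but one client has an access-list entry saying no.
    ap = Radio(default_forwarding=True, access_list={CUST_B: False},
               stations={CUST_A, CUST_B})
    return {mac: ap.forwarding_for(mac) for mac in sorted(ap.stations)}

if __name__ == "__main__":
    print("separate bh radio (cust->cust, cust->bh):", separate_backhaul_radio())
    print("bh on same radio  (cust->cust, cust->bh):", backhaul_on_same_radio())
    print("effective forwarding per client:", one_client_overridden())
```
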
The main advantage would be the privacy of the customers, because they don’t have the luxury of a firewall between them. If forward is possible, they would see e.g. each other’s computer in the Windows network pane.
The second advantage would be that direct data transfer is not possible, so a massive file or P2P transfer would not choke the AP impacting other users.
Third, the spread of network aware viruses/malware is not possible.
Fourth: if you allow users to connect freely to your AP, they could just set up a private address space and use your infrastructure. This is not possible if this restriction is in place.
“Must” is a relative concept. “Want” is more appropriate. Except dying, nothing “must” be done.
I just pointed out some things that happen if you don’t use the feature. And not everybody is a wisp.