I have a simple requirement to fulfill using RB523:
- Users should log on using hotspot (Ether2, 10.5.50.0/24) and will access the Internet through Ether1 (192.168.0.0/24).
- Hotspot users must not be able to access private network on Ether3 (172.0.0.0/24).
I have created a firewall rule to block access from Ether2 to Ether3. This works fine when the hotspot is disabled, but the moment I enable the hotspot users are able to access the network on Ether3 (after logging in). It seems that the Dynamic rules created by the hotspot override any other rules. Even if I move my rule [drop all packets from source 10.5.50.0/24, destination 172.0.0.0/24], to be above the dynamic rules, it makes no difference - Ether2 can still see and access Ether3.
Is there another way to apply your own rules in conjunction with a MT hotspot?