Hi everyone,
I’m trying to implement a new hotspot system instead of a traditional password secured network, my network consist of one RB3011 and 8APs, one per each apartment I rent plus common areas.
I would setup a basic hotspot system, every cAPs would have 2 SSID, my LAN network and Guest Network. My questions concerns of security matters, everything works as expected but even if I set cAPs without client to client forwarding, clients are able to see eachothers as bridge connect them.
Which is the best practice to avoid this problem? Multiple VLANs? One per each APs? I would prefer to have an easy configuration so I could automate the provison. Second option is enabling IP firewall on bridge but I’m scary to reduce overall performance.
Any suggestions would really appreciated.
Ferdytao