Howto tunnel hotspot traffic directly to internet router

dksoft · December 6, 2012, 7:14am

Hi,
and welcome to all forum members as this is my first posting to the community.

I setup a RB751 with two SSID. One is WPA protected and used to access to complete network.
The other SSID is on a virtual AP and used as a hotspot with login.

That works fine, but people which are connected to the hotspot network (10.1.1.0/24) can also access my internal network (192.168.1.0/24).

My question is: can I tunnel all the traffic from the hotspot user (10.1.1.0/24) to my internet router (192.168.1.1), so they can not access any other device on the network but the internet router ?

Thanks and best regards,
dksoft

Discus · December 6, 2012, 8:36am

A possible solution to this is to simply drop/reject all traffic from 10.1.1.0/24 to 192.168.1.0/24 (IP>Firewall; you’ll need a forward chain rule) - make sure you first allow connections to 192.168.1.1, otherwise they’ll get no internet.

dksoft · December 9, 2012, 9:32pm

This worked right away. Many thanks for your help!

Discus · December 18, 2012, 8:20am

No problem, glad it worked out for you