Hi.
I use the same Internet link to remote work and personal stuff. I would like to:
Req#1 → avoid password sharing to connect to WiFi
Req#2 → control the bandwidth
Req#3 → isolate the devices
— GPON fiber — ISP router (WiFi disabled) — eth1 — MicroTik hap AX2 (WiFi disabled)
---- hap AX2 — eth2 — work computer
---- hap AX2 — eth3 — TpLink Router configured as access point (DHCP disabled)
What I’ve done so far:
Req#1 → configured DHCP leases to give specific IPs based on MAC address
Req#1 → configured the bridge to drop on input if MAC is not on specific list (I know that MAC security is not ideal but this is just a basic way of avoiding sharing WiFi password)
Two questions:
Req#2 → What is the best way to completely block traffic between eth2 and eth3? I would like to use bridge filters to do that but I don’t know how.
Req#3 → I would like to use simple queues but I don’t want to create a rule for each IP address. How can I limit the bandwidth for all traffic that comes from eth3?
Thanks