Hi,
I currently don’t have any routerboard with WiFi module to play with, but i’m curious about how to make guest WiFi spot without mixing ether and wifi interfaces into one bridge.
Let’s assume this scheme:
ether1-master-LAN
|-------ether2-slave
|-------ether3-slave
ether4-WAN
wifi1
I don’t want mix LAN and WiFi traffic.
In all guides that I read, people always create bridge let’s say wifi1 with ether1-master-LAN as it’s ports, then make a WiFi net.
Can I setup wifi1 without bridging it with any ether port to isolate WiFi net from LAN net or routerboard can’t route traffic from wifi to ether and vise versa w/o bridge?
Then i can make this little setup allowing Internet access to WiFi users and isolating them from LAN:
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether4-WAN
/ip firewall filter
add action=drop chain=forward in-interface=wifi1 out-interface=!ether4-WAN
In case of bridge i must enable firewall on that bridge an so on…