My understanding is that the WLAN and LAN by default are on the same subnet and that all wireless and wired access by default go through wifidog. Can anybody verify if this is true?<br><br>If so, then setting up the firewall rule shown below would not work if the business's computers are plugged into the wireless router without more configuration. <br>
<br>ian<br><br><div class="gmail_quote">On Fri, Jun 26, 2009 at 2:11 PM, Aaron Z <span dir="ltr"><<a href="mailto:aaronz@pls-net.org">aaronz@pls-net.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
In Wifidog.conf there is a section called "FirewallRuleSet global", if you have the WAN port on your box connected to the rest of your network (so that the wireless users are on a different subnet than your buisness machines) you can change the setting to be as shown, this will prevent your guests from accessing the 192.168.3.x subnet.<br>
<br>
# Rule Set: global<br>
#<br>
# Used for rules to be applied to all other rulesets except locked.<br>
FirewallRuleSet global {<br>
## Use the following if you don't want clients to be able to access machines on<br>
## the private LAN that gives internet access to wifidog. Note that this is not<br>
## client isolation; The laptops will still be able to talk to one another, as<br>
## well as to any machine bridged to the wifi of the router.<br>
FirewallRule block to <a href="http://192.168.3.0/24" target="_blank">192.168.3.0/24</a><br>
}<br>
<br>
HTH<br>
<br>
Aaron Z<br>
<br>
----- "casey w ballard" <<a href="mailto:casey.w.ballard@gmail.com">casey.w.ballard@gmail.com</a>> wrote:<br>
> From: "casey w ballard" <<a href="mailto:casey.w.ballard@gmail.com">casey.w.ballard@gmail.com</a>><br>
> To: <a href="mailto:wifidog@listes.ilesansfil.org">wifidog@listes.ilesansfil.org</a><br>
> Sent: Friday, June 26, 2009 1:00:15 PM GMT -05:00 US/Canada Eastern<br>
> Subject: [isf-wifidog] LAN and WLAN Seperation<br>
<div class="im">><br>
> Hello, I can't seem to find the information anywhere on the FAQ secitons so I geuss I will ask it here. I am planning to implement this feature at my cafe but I dont want the wireless clients to be able to get access to my dell registers or computerized security system. Is there any way that I may block the wireless clients from being able to see the other wired computers?<br>
> -Casey<br>
</div>> _______________________________________________ WiFiDog mailing list <a href="mailto:WiFiDog@listes.ilesansfil.org">WiFiDog@listes.ilesansfil.org</a> <a href="http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog" target="_blank">http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog</a><br>
_______________________________________________<br>
WiFiDog mailing list<br>
<a href="mailto:WiFiDog@listes.ilesansfil.org">WiFiDog@listes.ilesansfil.org</a><br>
<a href="http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog" target="_blank">http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog</a><br>
</blockquote></div><br>