10922 questions

13025 answers

20294 comments

27224 members

0 votes
277 views 4 comments
by

Hello,

I'm trying to create a separate access point for guests for RUT955, because I want to isolate the wireless networks as in the main network I will connect some devices that shouldn't  be reachable from the guest network.

I've created the guest access point in Network/Wireless but cannot find the proper options or settings needed to separate the MAIN network from the GUEST network.



I know that for the previous Teltonika routers, like RUT360, this setup was easy to achieve but I cannot manage to achieve it for the RUT955.

I would really apreciate if you could give me a hint on how to separate the GUEST network from the MAIN network.

Thanks in advance!

Regards!

by
We‘ve got exactly the same problem. Setup exactly like in the description, but networks are not separated.

Do you‘ve got a solution by now?

2 Answers

0 votes
by
  1. Enter your router's IP address into the search bar of any browser. ...
  2. Log into your router as admin. ...
  3. Find the guest network settings. ...
  4. Enable the guest WiFi access. ...
  5. Set the guest WiFi network name. ...
  6. Set the guest WiFi password. ...
  7. Finally, save your new settings.  vidmate  mobdro
0 votes
by

Hi,

You can create a new LAN network and bind it to the guest WiFi network.

1. Go to the Network → VLAN → LAN Networks page and add a new LAN network. Make sure to specify a different IP address than your main network, Save settings.

2. Then go to Network → VLAN  → VLAN Networks. Select VLAN Mode: Port based.

3. Add new VLAN, bind LAN2 and WiFi Guest to it.

This will ensure devices on Guest WiFi network will not be able to communicate with devices on default LAN. 

Hope it helps,

DM

by

Hi, Dziugas.

Thank you for the detailed answer!

I have already followed the the instructions as per your advice and created a new LAN network and bound the guest access point to it.

Also found this tutorial on Teltonika Wiki Knowledgebase and I'm posting it here in case someone will run into the same issue.

Lan (main) network IP pool: 192.168.1.100 - 249 

Lan_lan2 (guest) network IP pool: 10.10.10.100 - 249

The main problem is the networks are not separated as the devices from the guest network respond to the ICMP requests sent from the devices in the main network and viceversa, as per the below image:



Am I missing something? Should I add additional firewall rules in order to separate the lans?

Thanks in advance!

by 1 flag

Strange, this setup should already separate devices. Have you tried rebooting the device after completing the setup?

You should check whether forwarding between these two zones is enabled. Go to Network → Firewall → General Settings, scroll down to the 'Zone Forwarding' section, click 'Edit' next to lan then lan2; check to see if forwarding is disabled between them. If not, disable it manually from there.

You can also add custom firewall rules to block the traffic between these two networks. In the Network → Firewall → Custom Rules page, paste this rule:

iptables -I FORWARD -s 192.168.1.0/24 -d 10.10.10.0/24 -j REJECT

You can achieve the same in Firewall → Custom Rules, but I find this method to be cleaner and easier to communicate. 

DM

by
I tried all above described methods but networks still not separated. Seem that I'm not only how faced with same problem.