In a past thread, the topic of client to client isolation at a hotel
hot spot was discussed. A method of using IP routing to isolate
wireless clients was offered by Floyd L. Davidson in:
news:(E-Mail Removed)
using a Linksys WRT54G wireless router. I installed Sveasoft Sartori
in my WRT54G v1.1 and tinkered with the route commands until it
resembled those in the example. At the IP level, everything worked
exactly as described. So far so good.
However, there was a problem. If I installed the Netbeui protocol in
my two test laptops, I could still communicate between clients. I
suspect I could do the same with IPX/SPX. In addition, if I manually
assigned IP addresses and left the default gateway blank in the two
test laptops, I could again communicate between laptops, but not
connect to the internet through the router.
At this point, the IP route method will sufficiently isolate the
clients from each other to prevent propogation of worms and virus's,
but not prevent theft of bandwidth by typically gamers. This is not a
problem with the typical indoor hotspot, but is an issue with outdoor
hotspots.
Something was apparently different between the recommended setup and
mine. So, I asked on another mailing list and was directed to a
mis-named setting called "AP Isolation".
Wireless -> Advanced Wireless Settings -> AP Isolation
This appears in both Sartori and the stock Linksys firmware. I had
seen this setting but ignored it because I assumed[1] that it was for
isolating multiple access points, and not for isolating clients.
The help file proclaims that AP Isolation:
Creates a separate virtual network for your wireless network.
When this feature is enabled, each of your wireless client
will be in its own virtual network and will not be able to
communicate with each other. You may want to utilize this
feature if you have many guests that frequent your wireless
network.
which methinks does the trick at the bridging (MAC) level. By
enabling AP Isolation and resetting the routing table and clients to
defaults, I was unable to communicate between test laptops no matter
what trickery I attempted. It works.
[1] Assumption, the mother of all screwups.
--
Jeff Liebermann
(E-Mail Removed)
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
Similar Threads
Linear Mode
