Unanswered Question

I'd like to configure the 1130AG AP for internet access only. For example, anyone who is connected to the AP cannot see the other computers that are connected to the same AP, but can access internet. I looked at all the documents and found that the Security->IP filter is the way to go. However, I am not sure what to filter out.

The computers connected to this AP gets an IP address fromthe DHCP through 200. This AP IP address is Do I create a IP filter to block out all but

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Bernardo Gaspar Fri, 10/08/2010 - 05:29

If the wireless client isn't supposed to reach ANY other device on its own subnet, you can deny all traffic for which the destination IP is that subnet.

The filter will not block traffic flowing through the AP and/or gateway as long as the destination IP doesn't match the filter.

If you're doing it from the console, it would look something like this:

ip access-list extended blockmysubnet

deny ip any

permit ip any any

Like this, if the client tries to telnet to the AP directly ( the filter will block it. But if the client tries to go to google then the filter wouldn't match it and the AP should not block the traffic.


This Discussion



Trending Topics - Security & Network