NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Guest Network able to open RDP sessions on network
Hi There We've purchased and setup an RBR50 ad RBS50 to add a mesh into our small office network, we had some dead spots with our previous equipment and this has resolved these issues, The R...
I did a similar test, opening Orbi Guest access and not allowing guest devices to see the primary network. Connected my phone, and it behaves as expected. No access. However....
- I cannot test in AP mode (having only a modem, and I don't want to go fetch an old router to stick in the middle of all this).
- My phone did get an IP address in the primary subnet. (This is one of the ways that Orbi WiFi 6 appears to be different from my Orbi WiFi 5. I hear that the guest network on Orbi WiFi 6 is in a different subnet.)
So, the Orbi is not going to let a guest device access the primary network, but what about the router that Orbi is connected to?
@I11nad said "Guests have reliable internet connections and are unable to browse our network....."
I wonder how this works? Shouldn't the primary router just see packets from a subnet going to IP's on the same subnet?
This is very confusing.
- How was this "unable to browse" tested?
(ping? network scanner like Fing? trying to use a printer?) - Does AP mode somehow recognize IP's from the guest network and shut them out?
Way Cool. Pretty slick programming for an "access point". - Or, does RDP actually go out to the internet and then back into the network?
Thanks CrimpOn for noting that l11nad was using AP mode, not Router mode on his Orbi. My Orbi is in router mode, and I do not want to break things either by adding a different router between my modem and Orbi and putting the Orbi in AP mode.
l11nad, I suspect your issue is due to your primary router allowing the access, as it has no means of distinguishing the Orbi guest and primary networks. For this to work properly, you need to remove your primary router and let the Orbi be in router mode rather than AP mode. You have a double NAT situation which is not recommended. Search for "double NAT" on the community forums or google for more information about it.
tomschmidt wrote:l11nad, I suspect your issue is due to your primary router allowing the access, as it has no means of distinguishing the Orbi guest and primary networks. For this to work properly, you need to remove your primary router and let the Orbi be in router mode rather than AP mode. You would then have a double NAT situation which is not recommended. Search for "double NAT" on the community forums or google for more information about it.
Please see my edit above. There is currently one router. Putting the Orbi into router mode would create the Double-NAT.
This is a fascinating situation. I will dig out my spare Orbi and attach it in AP mode to see what happens. (Not a trivial exercise, so it will take some time.) Will not duplicate the OP's router, but it's the best I can do.
I should have re-read my reply before posting. It would only be in a double NAT situation if both routers where in router mode. Since the Orbi is in AP mode, all clients get their DHCP assignments from the primary router in between the modem and the Orbi. The primary router has no way to distinguish systems on the Orbi network, it won't know if they are using the wired LAN ports, primary WiFi or guest WiFi. So if the PCs that are being allowed RDP access from the guest network are on the primary network of the primary router, then this will not be filtered from other clients on the primary router. They would only be guests on the clients bound to the Orbi.
l11nad, are the PCs that are being allowed RDP access from the guest WiFi on the primary router, or are they on the Orbi?