This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
This is a question about the 'guest network' feature on my DGND3700v1 router (with richud firmware and Genie interface) when there is also a WAC04 access point on the network. The router supports 'Guest networks' with settings like 'disallow guest from my local network'. I like the idea of this, because I have several PCs on my home network using cable and non-guest wi-fi. So I'm planning to have a 5GHz Guest network with just my wired/wireless printer on it, so visitors can only print and see the internet. Now, here's the thing:
I also want to connect (by cable) a Netgear WAC104 access point to the router, to extend wi-fi coverage to my attic office, plus have it provide a few wired connections for my PCs up there.
I plan to set the WAC104 up to broadcast the same SSID/password/encryption as my intended Guest network on the DGND3700 so that visitors only need one login throughout the house BUT looking at the setup screens in the WAC104 user guide online, it seems to have no concept of 'guest network' as such. Its wireless setup form lacks those 'disallow guest from my local network' type options.
So the question is, if a visitor connects as guest at the WAC104 (rather than at the DGND3700) would they therefore have a route to my PCs, or would they encounter the blocks imposed by the guest network settings on the DGND3700?
Re: Guest network isolation with WAC104 access point
> [...] looking at the setup screens in the WAC104 user guide online, it > seems to have no concept of 'guest network' as such. [...]
I know nothing about the WAC104, but I'd expect that.
The guest-network implementation on Netgear routers seems to be a set of firewall-like (router) rules which affect the "guest" wireless clients. A wireless access point which is separate from the router has no way of employing any such router-based rules.
> [...] if a visitor connects as guest at the WAC104 (rather than at the > DGND3700) [...]
The whole guest-network concept is confined to the DGND3700 (router); there is no "as guest at the WAC104".
> [...] would they therefore have a route to my PCs, or would they > encounter the blocks imposed by the guest network settings on the > DGND3700?
When any device is connected to the WAC104, the DGND3700 will see it as a wired client device (hence not a "guest"); just another device on the (extended) LAN.
There may be ways to employ multiple (consumer-grade) routers to provide a "guest" LAN subnet and a non-guest LAN subnet, with the desired type of isolation between them. Or, a more sophisicated router with Virtual-LAN (VLAN) capability (about which I know nothing) could probably do the job. But I don't see a way for a DGND3700 and a WAP to do it.
Re: Guest network isolation with WAC104 access point
> [...] looking at the setup screens in the WAC104 user guide online, it > seems to have no concept of 'guest network' as such. [...]
I know nothing about the WAC104, but I'd expect that.
The guest-network implementation on Netgear routers seems to be a set of firewall-like (router) rules which affect the "guest" wireless clients. A wireless access point which is separate from the router has no way of employing any such router-based rules.
> [...] if a visitor connects as guest at the WAC104 (rather than at the > DGND3700) [...]
The whole guest-network concept is confined to the DGND3700 (router); there is no "as guest at the WAC104".
> [...] would they therefore have a route to my PCs, or would they > encounter the blocks imposed by the guest network settings on the > DGND3700?
When any device is connected to the WAC104, the DGND3700 will see it as a wired client device (hence not a "guest"); just another device on the (extended) LAN.
There may be ways to employ multiple (consumer-grade) routers to provide a "guest" LAN subnet and a non-guest LAN subnet, with the desired type of isolation between them. Or, a more sophisicated router with Virtual-LAN (VLAN) capability (about which I know nothing) could probably do the job. But I don't see a way for a DGND3700 and a WAP to do it.
Re: Guest network isolation with WAC104 access point
That doesn't yound hopeful. Although where you say 'no concept of guest at the WAC104, I suppose rather than 'connect as guest', perhaps I should have said for clarity 'connect to the wi-fi network at the WAC104 which is defined as guest at the DGND3700', but it looks like it makes no difference.
Perhaps I'll take up my ISPs offer of a free router and move my DGND3700 upstairs....
Re: Guest network isolation with WAC104 access point
> [...] perhaps I should have said for clarity 'connect to the wi-fi > network at the WAC104 which is defined as guest at the DGND3700', [...]
How, exactly, is "the wi-fi network at the WAC104" "defined as guest at the DGND3700"? Guest-ness is a property of a device which is
wirelessly connected to the router which established the "guest network". Nothing to do with the WAC104.
> When any device is connected to the WAC104, the DGND3700 will see it > as a wired client device (hence not a "guest"); just another device on > the (extended) LAN.
Still true.
> Perhaps I'll take up my ISPs offer of a free router and move my > DGND3700 upstairs....
