NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
doesn't work
1 Topic
WNDR4500v2: Wireless isolation doesn't work on guest network
Hi, I have used this Router now for about 9 months and have been very happy with its performance. We have a home business and students regularly visit our home. We have recently had requests for them to get on our WiFi (because cell reception is bad), and I wanted to use the "Guest Network" feature to accomplish this. Goals: --Guest network is for student needing to access the internet only. --Guest network will broadcast SSID and will be guarded with password, given to student at their request. --Multiple clients on guest network should not be able to see each other. Just client and the internet.....that's it. --Guests must be absolutely isolated from our regular WIRED network (plugged into the physical ports on the WNDR4500v2) and the regular WIRELESS network (via the WiFi on the WNDR4500v2). Assets on these internal networks (WIRED & WIRELESS) are lightly guarded and thus outside individuals must not be allowed to traverse these networks. CONFIGURATION: Router Model: WNDR4500v2 Firmware: V1.0.0.60_1.0.38 SETUP: -Regular Wifi "WIRELESS" is ON: "Enable Wireless Isolation" checkbox is OFF. -Guest WiFi "GUEST" is ON: "Enable Wireless Isolation" checkbox is ON. "Allow guest to access My Local Network" checkbox is OFF. -DHCP is ON -"Enable AP Mode" checkbox is OFF. Everything above seemed quite straightforward for easy configuration. However, it was a different story when I actually tested it. I used my iPad to get on the guest network. I used the application called "Fing" that does an IP address scan on the entire network. Once identifying an asset, you can then run a more detailed scan by attempting to access various services on various ports of the device. Immeidately, the guest network showed every device on my GUEST, WIRED, and WIRELESS networks (combination of fixed and DHCP addresses). Not good! I then ran a more detailed analysis of the devices found all standard open ports (smb shares, webserver, terminal services) cound indeed be accessed from the guest network. Is this a firmware bug? How do I deny guests access to everything but their connection to the internet? By the way, the "Help" on the router configuration screen appears to describe the checkbox functionality BACKWARDS of the description. (I tried it both ways, just in case, but to no avail.) Probably a previous version or person-who-did-interface didn't talk to person-who-did-help? "Allow guests to see each other and access my local network When unchecked, users connecting to this guest network can only access the Internet and cannot access any other devices in the same network or in other networks, including the main network and the wired network. In addition, all the clients in this guest network cannot access router's management GUI or any other services provided by the router (for example, ReadySHARE Storage, ReadySHARE Printer... if the router supports these functions). When checked, users connecting to this guest network can access not only the Internet but also all devices on all local networks, including the main network and the wired network." Thanks!Solved9.8KViews0likes14Comments