knowngni
New Around Here
Hi guys,
I love Asus routers and have purchased 4 RT-N66u, one AC68U and one RT-N10P.
I've noticed that regardless of stock firmware and Merlin, the Guest Network virtually offers no protection at all.
Everything is seen, and all devices can communicate with each other.
I was hoping to use the RT-N10P as an AP but I don't understand why I can still use windows discovery to see and access all devices on the network.
On the guest network, even with "AP Isolation" enabled, I can still ping all other clients who are hard wired to another router. I can access our internal site which is hosted by a server in the internal LAN. We have 4 networked laser printers, they are all seen, our NAS which we use as in internal dropbox to quickly share files, other coworkers in the office. The guest network acts like this regardless of AP mode or Router Mode (when acting as the main router). Also there is still internet access and router web configuration access unlike the other threads where other people's guest networks seem to do funky things. Mine just acts like a another SSID for the LAN network. Nothing "guest" about it. I've also rebooted in each mode and each times I adjusted settings to ensure the router loaded those settings in.
(We have a small office of 12 people so we don't really need any special hardware)
Thing is I found this to be consistent across all the routers (AC68U, N66U, and N10P. Is there something that I'm not doing or missing? Preferably I would like to still keep the stock firmware on the RT-N10P given that the specs were pretty low in the first place, so I wanted to keep from having to try and flash dd-wrt or tomato which aren't officially supported.
I imagined that the AP/router(in router mode) should have denied any requests to other internal clients (for example drop any connection attempts to any other local IP in the same local subnet with the exception of the gateway IP) That way any clients on the AP/router could only communicate with the internet and not the internal network.
I've already gotten around this issue by using a Netgear Tomato router creating two LAN's and setting LAN2 without any routes to LAN1 and connecting the AP to LAN2, but as I purchase more and more ASUS hardware, I'd kinda like to figure this out if possible.
I love Asus routers and have purchased 4 RT-N66u, one AC68U and one RT-N10P.
I've noticed that regardless of stock firmware and Merlin, the Guest Network virtually offers no protection at all.
Everything is seen, and all devices can communicate with each other.
I was hoping to use the RT-N10P as an AP but I don't understand why I can still use windows discovery to see and access all devices on the network.
On the guest network, even with "AP Isolation" enabled, I can still ping all other clients who are hard wired to another router. I can access our internal site which is hosted by a server in the internal LAN. We have 4 networked laser printers, they are all seen, our NAS which we use as in internal dropbox to quickly share files, other coworkers in the office. The guest network acts like this regardless of AP mode or Router Mode (when acting as the main router). Also there is still internet access and router web configuration access unlike the other threads where other people's guest networks seem to do funky things. Mine just acts like a another SSID for the LAN network. Nothing "guest" about it. I've also rebooted in each mode and each times I adjusted settings to ensure the router loaded those settings in.
(We have a small office of 12 people so we don't really need any special hardware)
Thing is I found this to be consistent across all the routers (AC68U, N66U, and N10P. Is there something that I'm not doing or missing? Preferably I would like to still keep the stock firmware on the RT-N10P given that the specs were pretty low in the first place, so I wanted to keep from having to try and flash dd-wrt or tomato which aren't officially supported.
I imagined that the AP/router(in router mode) should have denied any requests to other internal clients (for example drop any connection attempts to any other local IP in the same local subnet with the exception of the gateway IP) That way any clients on the AP/router could only communicate with the internet and not the internal network.
I've already gotten around this issue by using a Netgear Tomato router creating two LAN's and setting LAN2 without any routes to LAN1 and connecting the AP to LAN2, but as I purchase more and more ASUS hardware, I'd kinda like to figure this out if possible.
Last edited:
