Menu
What's new
By:
Filters Better Search

RT-AC68 guest network in AP mode

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I

Imaohw

New Around Here
I have 3 Asus RT-AC68 wireless "routers" to cover a large area. All are running the latest Asus firmware and all are set up as Access Points. They are connected to Zyxel Gs1910-24 smart switches which are connected to a Zywall 110 firewall/router which provides load balanced Internet access across multiple ISPs and dhcp services.

Everything works fine however I would like to use the guest feature of the RT-AC68 to limit WIFI guest access to only the internet and not the intranet (local network). I can set up a vlan on the switches and if needed a separate DHCP server on the firewall for that vlan. I can also route the traffic from the vlan only to the internet. I have tested this configuration with a spare access point.

The problem I have have is that even though the RT-AC68 has a guest network feature it does not seem to differentiate guest traffic from "regular" traffic. It does not appear to support vlans nor have a way of directing different traffic to different ports. Once the RT-AC68 is set to Access Point mode the Guest WIFI network acts exactly as the "home" WIFI network. The solutions I can see is to get another set of RT-AC68s to use to create a guest network or swap the RT-AC68 for access points that support vlans. I would like to keep the RT-AC68 as it has great throughput.

Any suggestions?
 
Last edited:
I posted this in another thread but I think it will be useful for you here -

Actually you can make it work with Asuswrt-Merlin (I tested this on a RT-AC68U and RT-AC56U). As the guess access separation is handled by ebtables, you need to put the following ebtables config into your secondary AP -

ebtables -I FORWARD 1 -d Broadcast -j ACCEPT
ebtables -I FORWARD 1 -s xx:xx:xx:xx:xx:xx -j ACCEPT
ebtables -I FORWARD 1 -d xx:xx:xx:xx:xx:xx -j ACCEPT

Where xx:xx:xx:xx:xx:xx is the MAC address of the primary router's LAN interface (br0).

In short, this will allow the secondary AP guest networks to send broadcast traffic to your LAN for ARP and DHCP, and it will allow your router's LAN interface to communicate with guest users on your AP. By inserting the rules at the front of the FORWARD chain, the traffic will be allowed before it hits the DROP rules that does the guest separation -

-i wl0.1 -j DROP
-o wl0.1 -j DROP
-i wl1.1 -j DROP
-o wl1.1 -j DROP
 
You must log in or register to reply here.

Similar threads

M
Connecting to device in Guest or IOT VLAN from intranet (using Guest Pro on 3.0.0.6 firmware)?
Replies
7
Views
618
tiddlywink
T
M
Controlling DHCP DNS for guest network
Replies
2
Views
604
mpsharp
M
V
Guest Network - RP-AX58 & RT-AX58U
Replies
1
Views
344
Valyno
V
O
How isolated are guest networks in the ASUS RT-AC57U V3 router?
Replies
4
Views
822
onion
O
Y
Are all ASUS routers on the 3.0.0.6.102 codebase guaranteed to support VLAN Management & Guest Network Pro?
Replies
10
Views
497
YRTFS
Y
Similar threads
Thread starter Title Forum Replies Date
K Moving files on AC68 on USB drive. ASUS AC Routers & Adapters (Wi-Fi 5) 3
M Controlling DHCP DNS for guest network ASUS AC Routers & Adapters (Wi-Fi 5) 2
O How isolated are guest networks in the ASUS RT-AC57U V3 router? ASUS AC Routers & Adapters (Wi-Fi 5) 4
R Help with RT-ac88u network switch issues - causing reboot ASUS AC Routers & Adapters (Wi-Fi 5) 0
T AI Mesh node dropping internet connection when people connect to network ASUS AC Routers & Adapters (Wi-Fi 5) 2
Divader DNS not working directly from router but works fine everywhere else on network - nslookup server 0.0.0.0 ASUS AC Routers & Adapters (Wi-Fi 5) 18
kaanaslan DSL-AC88U Port Forwarding doesn't seem to be working when not in the local network ASUS AC Routers & Adapters (Wi-Fi 5) 5

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 623 (members: 31, guests: 592)
Top