MikroTik Tutorial 31 - LAN & WiFi Client Isolation

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi guys welcome to another tutorial today we will be looking at client isolation so client isolation is really protecting or preventing clients from connecting to each other on a network so what we'll be doing today is will be doing class isolation with wireless clients and also wired clients so this diagram give you will give you an illustration of all the client isolation we'll be working so we have TC 1 2 & 3 these two pieces are connected to the LAN VR router to access the Internet we also have an access point and we have a wireless a PC that is connected wirelessly so if PC one tries to connect a PC to client isolation will block that connection and also if the wireless connect wireless the PC that is connected wirelessly tries to connect to one of the PCs on a loan that connection will also be blocked so I'm going to show you how to configure that in your router no so what are here is our FTP server running on one of the computers so I'm able to access so I'm able to download a file from from that PC using the FTP I'm just going to cancel that so so now I'm going to go over to the router and I'm going to prevent those clients from communicating the first thing you need to do is to go to go to your bridge click on settings and click use IP firewall click ok so what that does is that all the traffic on the bridge will be redirected to your firewall now we're going to do on the wireless go to your wireless connection w11 open that and we are going to uncheck default forward what this does is that it prevents cleanse cleanse were connected to the Wi-Fi to communicate with each other so when I uncheck that click apply click OK alright the next step is we're going to go to the firewall with the IP firewall and we're going to create a web address list so I'm going to show you to create this address list so the address list that we are going to create we're going to call it client and the IP address would be the IP range for the clients that they want you don't want to communicate to each other one rule of thumb you should exempt your routers or device that you manage from this list this list supposed to be just the client range so in this network I want 192 168 dot eighty eight dot ten to one ninety two dot one sixty dot eighty 2.25 five so that is the range for clients I'm going to go head over to filter rules in the firewall click Add I'm going we are going to create our rule so click on forward let's make sure the chain is forward go to advanced and if the source address is client safe a client try to connect to a client so the source is client and destination is client then we are going to reject that connection I'm going to call this some isolation so I'm going to call the client isolation okay all right no I'm going to go back to the FTP server so I'm trying to refresh all right away we can see that it's not refreshing we look back on look back on the rule so this rule you realize the there is no traffic going on on this rule right now because we are using do the Wi-Fi isolation saves you a few packets coming through but what is working in this case is the is the default forward in what state knows so the client wouldn't be connecting to communicate to each other so I'm going to take it a step further where I'm going to switch this computer over to a LAN connection all right so I've just switched over to the LAN connection interfaces so I'm connected to eterna to know under the client is on the wireless so I try again still cannot connect to this to that FTP server so any services at all that is on that computer so even if is file-sharing or anything like that you the connection will will be on all traffic will be dropped so you see the rule is actually dropped in some of the pockets are rejecting it so that is all you go about doing place client isolation for your wireless and also for your land clients if you want you can actually modify this rule a bit to maybe include some other addresses or you could have more than one route like this to block different sets of addresses so that's it for this tutorial if you like this video please give me a thumbs up and if you haven't subscribed please remember to do so so thanks for watching you
Info
Channel: TKSJa
Views: 76,269
Rating: 4.9127517 out of 5
Keywords: Mikrotik, tutorial, configuration, networking, routeros, client isolation, protect network, lan, wifi, learn mikrotik
Id: UsgJFhkHB9g
Channel Id: undefined
Length: 7min 3sec (423 seconds)
Published: Sat Jun 03 2017
Related Videos
MikroTik Tutorial 32 - How to block Facebook the most efficient way
TKSJa
64K
MikroTik Tutorial 30 - Bonding & Load Balancing 2 x WAN ports
TKSJa
146K
MikroTik Tutorial 36 - Load balancing and failover with multiple gateways (2 WAN Links)
TKSJa
179K
MikroTik Tutorial 37 - Prevent clients from accessing your router
TKSJa
55K
(4) True Guest WiFi with MikroTik Routers
Category5 Technology TV
14K
MikroTik Tutorial 39 - Guest Wifi using VLAN
TKSJa
106K
MikroTik Tutorial 42 - Separate DHCP Server for WiFi Clients
TKSJa
42K
Playing with RouterOS's VLANs
MikroTik
14K
MTCNA - Bridging on MikroTik
MAICT Consult
12K
Best Home Network 2021 - A Guide to the Best Available Network Equipment
Crosstalk Solutions
114K
Full isolated network for guests #MikroTip#MikroTik#RouterOS
Hristo Popov
3.6K
MikroTik Tutorial 10 - Bandwidth Management Using Simple Queue
TKSJa
245K
Port Isolation in MikroTik
Inquirinity
611
MikroTik Tutorial 22 - How to create a Hotspot with Radius Server Authentication
TKSJa
236K
HOW TO MAKE A SUPER EXTENSION CORD! (Perfect for Christmas!)
Stud Pack
1M
MikroTik Tutorial 28 - Port Forwarding
TKSJa
153K
The Big Misconception About Electricity
Veritasium
9.8M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.