[Mikrotik] Restrict hotspot interface from snooping
josh at imaginenetworksllc.com
Wed Jun 6 00:20:42 CDT 2012
I have an insecured wifi (virtual AP) on my home router. I don't mind
people using it. I do want to make it impossible for them to ever
reach anything they shouldn't. If I do a new subnet on ether5 or my
known subnet on ether2 (home LAN).
I was thinking I could do something like accept
src-address=172.31.31.0/24 dst-address=gateway and then drop
everything else with that src but if it's masqueraded, would that
work? Doesn't seem to, but I haven't tested it thoroughly.
Any other suggestions or methods to try?
1100 Wayne St
Troy, OH 45373
More information about the Mikrotik