setting up router, accesspoint network with restrictive access to one.

[Koshur]

Connecting 3 or more routers and acesspoints... in such a way the adsl modem is setup as a bridge and the 2 second router is setup as master .ie it has pppoe and other things....the 3 accespoint is connected to the master with same ssid on all acesspoints.. but i want is those computers that are connected on this 3 acesspoint via wifi.. should not be able to access internet but they should be on my network.. what should i do to achieve this .. i cant set up routing on lan interface in master router..

[+BudMan MVC]

Hmmm

Thats a bit tricky, I would assume all the devices get dhcp from same server, and this points to your gateway? And all on the same segment for example 192.168.1.0/24

Best option would be to breakout the wireless to their own vlan, you could then only allow this vlan access to your local network and not internet.

What are you working with for your gateway device, can you vlan traffic? Can you create rules between vlans and internet?

[sc302 Veteran]

If the router has some sort of content filtering or ACL you can define the wired connections via static ip to have access and all others to not. You could not broadcast the dns info (if you are not using active directory). You could take out the gateway info out of dhcp if you have that option and manually configure the wired connections. If you have a way to setup a vlan you can have the wireless on one vlan and the wired on the other and have dhcp set properly on the wired and leave out info for the dhcp on the wireless or simply deny access coming from that vlan to the internet via a acl.