Jump to content


  • Please log in to reply
2 replies to this topic

#1 Koshur



  • Tech Issues Solved: 1
  • Joined: 08-February 12
  • OS: Win7, Ubuntu 12.04LTS, PinguyOS 11.10, Backtrack 5R2, Zorin OS

Posted 19 March 2013 - 13:59

Connecting 3 or more routers and acesspoints... in such a way the adsl modem is setup as a bridge and the 2 second router is setup as master .ie it has pppoe and other things....the 3 accespoint is connected to the master with same ssid on all acesspoints.. but i want is those computers that are connected on this 3 acesspoint via wifi.. should not be able to access internet but they should be on my network.. what should i do to achieve this .. i cant set up routing on lan interface in master router..

#2 +BudMan


    Neowinian Senior

  • Tech Issues Solved: 129
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 19 March 2013 - 14:49


Thats a bit tricky, I would assume all the devices get dhcp from same server, and this points to your gateway? And all on the same segment for example

Best option would be to breakout the wireless to their own vlan, you could then only allow this vlan access to your local network and not internet.

What are you working with for your gateway device, can you vlan traffic? Can you create rules between vlans and internet?

#3 sc302


    Neowinian Senior

  • Tech Issues Solved: 56
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 19 March 2013 - 14:51

If the router has some sort of content filtering or ACL you can define the wired connections via static ip to have access and all others to not. You could not broadcast the dns info (if you are not using active directory). You could take out the gateway info out of dhcp if you have that option and manually configure the wired connections. If you have a way to setup a vlan you can have the wireless on one vlan and the wired on the other and have dhcp set properly on the wired and leave out info for the dhcp on the wireless or simply deny access coming from that vlan to the internet via a acl.