Guest access still can access internal network by using computer name

  • 1
  • Question
  • Updated 1 week ago
Currently , I am using zd1200 with 9.13 firmware. I try to create create guest access service that allow visitor to access internet but can not browse any internal network share drive.

If visitor connect to guest network. They can still access internal network shared drive using computer name. It seem like it only block guest access internal network using ip address only.

Is there anywhere to block guest network from access internal network by using ip address or computer name?

Thanks.

Alan.
Photo of Alan Tam

Alan Tam

  • 16 Posts
  • 0 Reply Likes

Posted 1 week ago

  • 1
Photo of Darrel Rhodes

Darrel Rhodes, Employee

  • 11 Posts
  • 5 Reply Likes
Hi Alan,

Enabling guest access alone won't isolate guest-clients from your internal network.

I would recommend separating guest-clients by using a different VLAN to your internal network. 

Take a look here for further info:  https://support.ruckuswireless.com/articles/000001547

I hope that helps,
Darrel.

Photo of Alan Tam

Alan Tam

  • 16 Posts
  • 0 Reply Likes
Thanks for reply. If without vlan switches, will isolation setting with acl can block visitor from access internal network?
Photo of Darrel Rhodes

Darrel Rhodes, Employee

  • 11 Posts
  • 5 Reply Likes
Hi Alan,

Yes it should be possible.  I'd recommend tunnelling guest-user traffic back to the Zone Director and setting ACLs so guest-user traffic can only reach the default gateway and block acess to all other IPs on your private network.

Don't forget to allow for DHCP and DNS in your ACL config.

I hope that helps.
Darrel.
Photo of Alan Tam

Alan Tam

  • 16 Posts
  • 0 Reply Likes
Is there any guide for tunneling guest traffic to zone director? Thank you so much for your answer
Photo of Darrel Rhodes

Darrel Rhodes, Employee

  • 11 Posts
  • 5 Reply Likes
Hi Alan,

It's a single check-box in the ZD WLAN configuration.  It means all traffic on that specific WLAN will centrally egress from the ZD rather than the APs in the network.

You can download ZoneDirector user guide documentation here:  https://support.ruckuswireless.com/documents?filter=73#documents

Thanks,
Darrel.

Photo of Alan Tam

Alan Tam

  • 16 Posts
  • 0 Reply Likes
If create guest access will l3 back option still available? Thanks

Alan
Photo of Darrel Rhodes

Darrel Rhodes, Employee

  • 11 Posts
  • 5 Reply Likes
Apologies Alan I'm not familiar with that terminology - can you provide more details please?

Thanks,
Darrel.
Photo of Alan Tam

Alan Tam

  • 16 Posts
  • 0 Reply Likes
Sorry for typing mistake. If create guest access will l3 acl control option still available? Thanks