OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 Client Isolation for SSID to LAN devices
Hi
Recently purchased OC200 + 5 x EAP115-Wall and 5 x EAP115 APs
Replacing an existing Openmesh network.
Flat LAN single IP schema 192.168.0.0/24 with a gateway of 192.168.0.254
Sonicwall providing the Gateway and LAN DHCP range
two SSID's -
- "Secure" with devices having full LAN access including printers etc
- "Guest" with No LAN access (Client Isolation so only to have access to itself and the Internet)
When we initially did the scope to replace the existing solution, the Omada solution ticked all the boxes for Cloud management and guest client Isolation.
But having come to set it up and configure it the current version seems far from straight forward.
Having setup Guest Wifi and ticked the Guest Network (this seems to indicate client isolation), wireless clients although cannot access each other they do seem to be able to scan the LAN network and the devices on the network. How is this prevented?
Having skimmed through the various documents / FAQs and these support pages, it seems to imply that when Guest network is ticked then some hidden ACL rules are enabled that prevent wireless clients accessing LAN devices, but having connected a Laptop to the Guest Wifi and run a network scan, I see all the LAN devices and whilst I am unable to access any of the devices having knowledge of the issued IP addresses and MAC addresses is not acceptable.
Is there a guide on how to prevent this on a guest connected device?