Changes

1,107 bytes removed , 15:08, 2 August 2023

no edit summary

Line 1: Line 1: −

~~__TOC__~~

+

<p style="color:red">The information on this page is updated in accordance with the [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.4'''] firmware version .</p>

−

==Introduction==

Most of us are aware, that network security is extremely important. If your WiFi network is not properly secured, it makes you and all of your home or office resources vulnerable to a variety of security threats. To stay ahead of the curve, many companies and home users have guest WiFi. Unlike your regular WiFi network that you or your company members use, the guest WiFi network restricts what your guests can do in your network. It gives visitors access to the Internet connection, but nothing else making you or your company a lot more secure. This chapter is a guide on configuring a guest WiFi.

Line 15: Line 14:

<tr>

−

+

−

<th width=~~700~~; style="border-bottom: 1px solid white;" rowspan=2>[[File:~~Networking rutos configuration examples guest wifi 3 v1~~.png|border|class=tlt-border]]</th>

+

<th width=950; style="border-bottom: 1px solid white;" rowspan=2>[[File:WiFi_interfaces.png|border|class=tlt-border|808x563px|right]]</th>

</tr>

<tr>

−

+

Login to the router's WebUI, navigate to the '''Network → Wireless''' page. Click '''Add'''. You can use either, 2.4GHz or 5GHz WiFi. Then you will be forwarded to the configuration window.

−

~~<ol>~~

−

~~<li></li>~~

−

~~<li></li>~~

−

~~<li></li>~~

−

~~<li></li>~~

−

~~</ol>~~

</td>

</tr>

Line 35: Line 28:

<tr>

−

+

−

+

<th width=950; style="border-bottom: 1px solid white;" rowspan=2>[[File:Create new WiFi Interface.png|border|class=tlt-border|866x407px|right]]</th>

−

[[File:~~Networking rutos configuration examples guest wifi 4 v2~~.png|border|class=tlt-border]]</th>

</tr>

<tr>

Line 47: Line 39:

<li>Enter a custom '''ESSID'''.</li>

<li>Expand the drop-down menu '''Network'''.</li>

−

~~<li>Uncheck the '''lan''' interface.</li>~~

<li>Create a new interface, enter a custom name '''Guest'''.</li>

</ol>

Line 58: Line 49:

<tr>

−

+

−

+

−

[[File:~~Networking rutos configuration examples guest wifi 5 v1~~.png|border|class=tlt-border]]</th>

+

[[File:Wifi interface security.png|border|class=tlt-border|866x272px|right]]</th>

</tr>

<tr>

Line 69: Line 60:

<li>Select '''Cipher''' type.</li>

<li>Enter '''Key'''.</li>

−

~~<li>'''Save&Apply''' changes.</li>~~

</ol>

+

Once done, '''Save & Apply changes'''.

</td>

</tr>

</table>

−

~~----~~

−

~~<table class="nd-othertables_2">~~

−

~~<tr>~~

−

~~<th width=395; style="border-bottom: 1px solid white;></th>~~

−

~~<th width=700; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking rutos configuration examples guest wifi 6 v1.png|border|class=tlt-border]]</th>~~

−

~~</tr>~~

−

~~<tr>~~

−

~~<td style="border-bottom: 1px solid white>~~

−

~~Wait for configuration to apply. Two Wireless Access Points should be enabled~~

−

~~<ol>~~

−

~~<li></li>~~

−

~~<li></li>~~

−

~~<li></li>~~

−

~~<li></li>~~

−

~~</ol>~~

−

~~</td>~~

−

~~</tr>~~

−

~~</table>~~

===New LAN interface===

----

−

~~<table class="nd-othertables_2">~~

−

~~<tr>~~

−

~~<th width=395; style="border-bottom: 1px solid white;></th>~~

−

~~<th width=700; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking rutos configuration example openvpn bridge use case 12 v1.png|border|class=tlt-border]]</th>~~

−

~~</tr>~~

−

~~<tr>~~

−

~~<td style="border-bottom: 1px solid white>~~

−

~~Now go to '''Network → Interfaces''' and press '''Edit''' next to your newly created LAN interface:~~

−

~~<ol>~~

−

~~<li></li>~~

−

~~</ol>~~

−

~~</td>~~

−

~~</tr>~~

−

~~</table>~~

−

~~----~~

−

<tr>

−

+

−

<th width=~~700~~; style="border-bottom: 1px solid white;" rowspan=2>[[File:~~Networking rutos configuration examples guest wifi 2 v1~~.png|border|class=tlt-border]]</th>

+

<th width=970; style="border-bottom: 1px solid white;" rowspan=2>[[File:Guest interface config.png|border|class=tlt-border|843x633px|right]]</th>

</tr>

<tr>

−

In the ~~'''General setup''' section~~, ~~do the~~ following:

+

Once you have saved the Wireless interface, a new window should pop-up. Configure it as following:

<ol>

<li>Select '''Protocol''' - Static. Confirm by clicking "SWITCH PROTOCOL".</li>

Line 129: Line 82:

<li>Enter a '''IPv4 netmask'''.</li>

<li>Enable '''DHCP server'''.</li>

−

~~<li>Press '''Save&Apply'''.</li>~~

</ol>

+

'''Save & Apply changes''' when done.

</td>

</tr>

Line 140: Line 93:

<tr>

−

+

−

+

−

[[File:~~Networking rutos configuration example openvpn bridge use case 15 v1~~.png|border|class=tlt-border]]</th>

+

[[File:Firewall zone.png|border|class=tlt-border|785x261px|right]]</th>

</tr>

<tr>

Line 155: Line 108:

----

−

<tr>

−

+

−

+

−

[[File:~~Networking rutos configuration examples guest wifi 8 v1~~.png|border|class=tlt-border]]</th>

+

[[File:Firewall zone config.png|border|class=tlt-border|849x578px|right]]</th>

</tr>

<tr>

Line 170: Line 122:

<li>Select WAN interfaces for '''Allow forward to destination zones'''.</li>

<li>Select WAN interfaces for '''Allow forward from destination zones'''.</li>

−

~~<li>'''Save&Apply''' changes.</li>~~

−

~~<li></li>~~

</ol>

+

When done, '''Save & Apply changes'''

</td>

</tr>

Line 181: Line 132:

<tr>

−

+

−

+

−

[[File:~~Networking rutos configuration examples guest wifi 9 v1~~.png|border|class=tlt-border]]</th>

+

[[File:New traffic rule.png|border|class=tlt-border|787x116px|right]]</th>

</tr>

<tr>

Line 189: Line 140:

In order to disable WebUI or SSH access to the router from Guest's_WiFi network navigate to the '''Network → Firewall → Traffic Rules''' page and do the following:

<ol>

+

<li>Select '''Add new forward rule'''.</li>

<li>Enter a custom '''Name'''.</li>

<li>Select ''"guest_zone"'' for '''Source zone'''.</li>

Line 199: Line 151:

----

−

<tr>

−

+

−

+

−

[[File:~~Networking rutos configuration examples guest wifi 10 v1~~.png|border|class=tlt-border]]</th>

+

[[File:Traffic rule config.png|border|class=tlt-border|848x625px|right]]</th>

</tr>

<tr>

Line 214: Line 165:

<li>Enter the '''Destination port''' to reject. By default ports 22, 80, 443 are used to access the web user interface and SSH.</li>

<li>Change the '''Action''' to ''"Reject"''.</li>

−

~~<li>'''Save&Apply''' changes.</li>~~

−

~~<li></li>~~

</ol>

+

'''Save & Apply''' changes.

</td>

</tr>

Line 299: Line 249:

</tr>

</table>

+

[[Category:Use cases]]

PauliusRug

Administrators

569

edits

Changes

How to set up a guest WiFi network (view source)

Revision as of 15:08, 2 August 2023