Template:Networking rutos configuration example guest wifi: Difference between revisions
No edit summary |
|||
(71 intermediate revisions by 3 users not shown) | |||
Line 2: | Line 2: | ||
==Introduction== | ==Introduction== | ||
Most of us are aware, that network security is | Most of us are aware, that network security is extremely important. If your WiFi network is not properly secured, it makes you and all of your home or office resources vulnerable to a variety of security threats. To stay ahead of the curve, many companies and home users have guest WiFi. Unlike your regular WiFi network that you or your company members use, the guest WiFi network restricts what your guests can do in your network. It gives visitors access to the Internet connection, but nothing else making you or your company a lot more secure. This chapter is a guide on configuring a guest WiFi. | ||
---- | ---- | ||
If you're having trouble finding some of the parameters described here on your device's WebUI, you should <b>turn on "Advanced WebUI" mode</b>. You can do that by clicking the "Basic" button under "Mode", which is located at the top-right corner of the WebUI. | |||
[[File:Networking rutx manual webui basic advanced mode v1.gif|border|class=tlt-border]] | |||
==Configuring router (RUTX)== | |||
===New LAN=== | |||
---- | ---- | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking rutos configuration examples guest wifi 1 v1.png|border|class=tlt-border]]</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white | <td style="border-bottom: 1px solid white> | ||
Login to the router's WebUI, switch to '''ADVANCED''' mode and navigate to the '''Network → Interfaces''' page and do the following: | |||
<ol> | <ol> | ||
<li>Enter a custom '''name'''.</li> | |||
<li>Click the '''Add''' button.</li> | |||
<li>Enter a custom ''' | |||
<li> | |||
</ol> | </ol> | ||
</td> | </td> | ||
</tr> | </tr> | ||
Line 51: | Line 32: | ||
---- | ---- | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking rutos configuration examples guest wifi 2 v1.png|border|class=tlt-border]]</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white> | <td style="border-bottom: 1px solid white> | ||
In the '''LAN interfaces''' page, do the following: | |||
<ol> | <ol> | ||
<li>Select ''' | <li>Select protocol '''Static'''.</li> | ||
<li>Enter a '''IPv4 address'''.</li> | <li>Enter a '''IPv4 address'''.</li> | ||
<li>Enter a '''IPv4 netmask'''.</li> | <li>Enter a '''IPv4 netmask'''.</li> | ||
<li> | <li>'''Enable''' DHCP server.</li> | ||
<li> | <li>Don't forget to '''Save&Apply''' the changes.</li> | ||
</ol> | </ol> | ||
</td> | </td> | ||
</tr> | </tr> | ||
</table> | </table> | ||
===New Wireless=== | |||
---- | ---- | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking rutos configuration examples guest wifi 3 v1.png|border|class=tlt-border]]</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white> | <td style="border-bottom: 1px solid white> | ||
Navigate to the '''Network → Wireless''' page and do the following: | |||
Navigate to '''Network → | |||
<ol> | <ol> | ||
<li>Click '''Add'''.</li> | |||
<li></li> | |||
<li></li> | |||
<li></li> | <li></li> | ||
</ol> | </ol> | ||
Line 110: | Line 73: | ||
---- | ---- | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2> | ||
[[File: | [[File:Networking rutos configuration examples guest wifi 4 v1.png|border|class=tlt-border]]</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white;> | <td style="border-bottom: 1px solid white;> | ||
On '''General Setup''' tab do the following: | |||
<ol> | <ol> | ||
<li> | <li>'''Enable''' instance.</li> | ||
<li>Select | <li>Select mode '''Access Point'''.</li> | ||
<li>Enter '''ESSID'''.</li> | |||
<li>Assign it to new '''Guest''' LAN network.</li> | |||
</ol> | </ol> | ||
</td> | </td> | ||
</tr> | </tr> | ||
Line 132: | Line 97: | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2> | ||
[[File: | [[File:Networking rutos configuration examples guest wifi 5 v1.png|border|class=tlt-border]]</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white;> | <td style="border-bottom: 1px solid white;> | ||
Switch to '''Wireless Security''' tab and do the following: | |||
<ol> | <ol> | ||
<li>Select ''' | <li>Select '''Encryption''' type.</li> | ||
<li>Select '''Cipher''' type.</li> | |||
<li>Select | <li>Enter '''Key'''.</li> | ||
<li> | <li>'''Save&Apply''' changes.</li> | ||
<li> | |||
</ol> | </ol> | ||
</td> | </td> | ||
Line 150: | Line 114: | ||
</table> | </table> | ||
---- | ---- | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking rutx configuration examples guest wifi 5 v1.png|border|class=tlt-border]]</th> | ||
[[File: | |||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white | <td style="border-bottom: 1px solid white> | ||
Wait for configuration to apply. Two Wireless Access Points should be enabled | |||
<ol> | <ol> | ||
<li></li> | |||
<li></li> | |||
<li></li> | |||
<li></li> | <li></li> | ||
</ol> | </ol> | ||
Line 188: | Line 133: | ||
</tr> | </tr> | ||
</table> | </table> | ||
===Edit Firewall zone=== | |||
---- | ---- | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2> | ||
[[File: | [[File:Networking rutx configuration examples guest wifi 6 v1.png|border|class=tlt-border]]</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white;> | <td style="border-bottom: 1px solid white;> | ||
Navigate to the '''Network → Firewall → General Settings''' page and do the following | |||
<ol> | <ol> | ||
<li> | <li>Click the '''Add''' button.</li> | ||
</ol> | </ol> | ||
</td> | </td> | ||
</tr> | </tr> | ||
Line 210: | Line 157: | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
<th width= | <th width=395; style="border-bottom: 1px solid white;></th> | ||
<th width= | <th width=700; style="border-bottom: 1px solid white;" rowspan=2> | ||
[[File: | [[File:Networking rutx configuration examples guest wifi 6 v1.png|border|class=tlt-border]]</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td style="border-bottom: 1px solid white;> | <td style="border-bottom: 1px solid white;> | ||
In | In the '''ZONE''' page, do the following: | ||
<ol> | <ol> | ||
<li> | <li>Enter a custom '''name'''.</li> | ||
<li> | <li>Add new created Guest LAN to '''Covered networks'''.</li> | ||
<li>Select | <li>Select WAN interfaces for '''Allow forward to destination zones'''.</li> | ||
<li>Select | <li>Select WAN interfaces for '''Allow forward from destination zones'''.</li> | ||
<li> | <li>'''Save&Apply''' changes.</li> | ||
<li></li> | |||
</ol> | </ol> | ||
</td> | </td> | ||
Line 228: | Line 176: | ||
</table> | </table> | ||
==Results== | ==Results== | ||
Wireless users connected to SSID: “'''RUTX_WIFI'''”, will be assign to “LAN”, and will get IP from main pool '''192.168.1.0/24'''. | Wireless users connected to SSID: “'''RUTX_WIFI'''”, will be assign to “LAN”, and will get IP from main pool '''192.168.1.0/24'''. | ||
Wireless users connected to SSID: “'''GUEST'S_WIFI'''”, will be assign to LAN “Guest”, and will get IP from new pool '''10.10.10.0/24'''. | Wireless users connected to SSID: “'''GUEST'S_WIFI'''”, will be assign to LAN “Guest”, and will get IP from new pool '''10.10.10.0/24'''. | ||
Guest hosts are unable to access any data from pool 192.168.1.0/24. | |||
Guest hosts are unable to access any data from pool 192.168.1.0/24. | |||
Revision as of 12:00, 2 July 2020
Introduction
Most of us are aware, that network security is extremely important. If your WiFi network is not properly secured, it makes you and all of your home or office resources vulnerable to a variety of security threats. To stay ahead of the curve, many companies and home users have guest WiFi. Unlike your regular WiFi network that you or your company members use, the guest WiFi network restricts what your guests can do in your network. It gives visitors access to the Internet connection, but nothing else making you or your company a lot more secure. This chapter is a guide on configuring a guest WiFi.
If you're having trouble finding some of the parameters described here on your device's WebUI, you should turn on "Advanced WebUI" mode. You can do that by clicking the "Basic" button under "Mode", which is located at the top-right corner of the WebUI.
Configuring router (RUTX)
New LAN
Login to the router's WebUI, switch to ADVANCED mode and navigate to the Network → Interfaces page and do the following:
|
In the LAN interfaces page, do the following:
|
New Wireless
Navigate to the Network → Wireless page and do the following:
|
On General Setup tab do the following:
|
Switch to Wireless Security tab and do the following:
|
File:Networking rutx configuration examples guest wifi 5 v1.png | |
---|---|
Wait for configuration to apply. Two Wireless Access Points should be enabled |
Edit Firewall zone
File:Networking rutx configuration examples guest wifi 6 v1.png | |
---|---|
Navigate to the Network → Firewall → General Settings page and do the following
|
File:Networking rutx configuration examples guest wifi 6 v1.png | |
---|---|
In the ZONE page, do the following:
|
Results
Wireless users connected to SSID: “RUTX_WIFI”, will be assign to “LAN”, and will get IP from main pool 192.168.1.0/24.
Wireless users connected to SSID: “GUEST'S_WIFI”, will be assign to LAN “Guest”, and will get IP from new pool 10.10.10.0/24.
Guest hosts are unable to access any data from pool 192.168.1.0/24.