Blocking Client to Client communication
Posted: Tue Jul 08, 2003 7:14 am
I have a Cisco 350 Access Point with all WET11 clients. I am attempting to secure my network from malicious or dumb customers.
I am serving my clients with a DHCP server on the same switch as the Access Point, but I fear what will happen if a customer decides to turn on a DHCP service on their own computer and how it will interfere with other customers obtaining a valid IP.
What I would like to do is block all non-TCP and non-UDP packets going from one wireless connection to another, but still allow packets to flow between wireless connections and the AP's Ethernet NIC. I am unsure how to do this.
Another issue I am having is the ability to block network access for MACs behind the WET11s, since their ARP shows the MAC of the WET11 and not their own. My only option so far is to use reservations on my DHCP server, since that still registers the computer's MAC and not the WET11's, unlike ARP.
Any suggestions or help on configuring the Cisco 350 AP would be appreciated.
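As an added illustration that is not part of the original post: a monitoring check for the two observations above, run over frames captured on the wired side of the AP. It flags DHCP server replies that do not come from the operator's server and uses the DHCP `chaddr` field to recover a client MAC that the bridge has hidden behind its own Ethernet source address. The server address, the MAC values and all function names are assumptions made for the example.

```python
import struct

AUTHORIZED_SERVERS = {"192.168.1.2"}  # assumption: address of the operator's own DHCP server
MAGIC = b"\x63\x82\x53\x63"           # magic cookie that precedes the DHCP options

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_dhcp(frame):
    """Return DHCP fields from an Ethernet/IPv4/UDP frame, or None if it is not DHCP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    bootp = ip[ihl + 8:]
    if ip[9] != 17 or len(bootp) < 240 or bootp[236:240] != MAGIC:
        return None
    if set(struct.unpack("!HH", ip[ihl:ihl + 4])) - {67, 68}:
        return None
    info = {"eth_src": mac(frame[6:12]), "chaddr": mac(bootp[28:34]), "type": None, "server": None}
    opts, i = bootp[240:], 0
    while i + 1 < len(opts) and opts[i] != 255:
        if opts[i] == 0:          # pad option has no length byte
            i += 1
            continue
        code, val = opts[i], opts[i + 2:i + 2 + opts[i + 1]]
        if code == 53 and len(val) == 1:      # DHCP message type
            info["type"] = val[0]
        elif code == 54 and len(val) == 4:    # server identifier
            info["server"] = ".".join(map(str, val))
        i += 2 + opts[i + 1]
    return info

def review(frame):
    """Flag server replies from unknown servers and clients hidden behind a bridge MAC."""
    d = parse_dhcp(frame)
    findings = []
    if d and d["type"] in (2, 5, 6) and d["server"] not in AUTHORIZED_SERVERS:  # OFFER/ACK/NAK
        findings.append(f"rogue DHCP server {d['server']} via {d['eth_src']}")
    if d and d["type"] in (1, 3) and d["chaddr"] != d["eth_src"]:  # DISCOVER/REQUEST
        findings.append(f"client {d['chaddr']} is behind bridge {d['eth_src']}")
    return findings

def sample(eth_src, chaddr, msg_type, server=None):
    """Constructed frame for the demo (checksums zero; the parser does not verify them)."""
    opts = bytes([53, 1, msg_type]) + (bytes([54, 4, *map(int, server.split("."))]) if server else b"")
    bootp = bytes(28) + bytes.fromhex(chaddr) + bytes(202) + MAGIC + opts + b"\xff"
    udp = struct.pack("!HHHH", 67 if server else 68, 68 if server else 67, 8 + len(bootp), 0) + bootp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0, bytes(4), b"\xff" * 4)
    return b"\xff" * 6 + bytes.fromhex(eth_src) + b"\x08\x00" + ip + udp
```

Calling `review(sample("0018f8aabb01", "0002b3112233", 3))` reports the client MAC carried in `chaddr` alongside the bridge MAC seen on the wire.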