APs going through opnsense

verasense · March 18, 2021, 04:05:35 PM

In my network I have different APs to get wifi clients.
The problem is that the firewall rules I have defined in opnsense wrt these clients are basically useless. For example, I am blocking ping access to the wifi camera at 192.168.0.5. However, any client connected to the same AP can ping the camera, since the request is received by the AP, which deals with it immediately without having to pass through opnsense. Is there a way I can force all traffic to go through opnsense?

bartjsmit · March 18, 2021, 08:04:42 PM

You need to put your camera on a separate layer 2 network. You can either do this by using a separate AP/SSID for it, or you can use AP's that support multiple SSID linked to separate VLAN's.

All Ubiquiti AP's are able to do this. On the other side of the price spectrum, some TP-Link AP's can as well: https://www.tp-link.com/uk/support/faq/418/

Bart...

verasense · March 19, 2021, 02:23:39 PM

I see... Thanks for the advise. I will check TP-link, they are N but valid nevertheless.

APs going through opnsense

verasense

March 18, 2021, 04:05:35 PM

bartjsmit

March 18, 2021, 08:04:42 PM #1

verasense

March 19, 2021, 02:23:39 PM #2