Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Best practice for an Open Wifi Network
« previous
next »
Print
Pages: [
1
]
Author
Topic: Best practice for an Open Wifi Network (Read 504 times)
LL0rd
Newbie
Posts: 5
Karma: 0
Best practice for an Open Wifi Network
«
on:
July 05, 2024, 05:28:04 am »
Hi,
I decided to set up a guest WiFi network that allows guests to log in without needing credentials. Currently, I have 6 APs to cover every corner of my house, so the network extends widely over my property.
For the guest network, I use a separate VLAN, and traffic to the internet goes through a VPN tunnel. The idea is that if someone engages in malicious activities, they go through the VPN provider instead of my ISP.
I don't mind if guests use my network to go online or check emails. My concern is a bad actor (like a neighbor or visitor) accessing illegal websites, which could trigger criminal investigations (e.g., child pornography).
What is the best setup to prevent this? I have AdblockHome for DNS filtering, a VPN gateway that hopefully doesn’t log activity, and I plan to use Zenarmor as an additional security layer to filter such websites. To be clear, my threat model is not a skilled hacker but a typical user.
Logged
sy
Hero Member
Posts: 595
Karma: 44
Re: Best practice for an Open Wifi Network
«
Reply #1 on:
July 05, 2024, 12:06:12 pm »
Hi,
Please check the following link for best practise option of Zenarmor Deployment.
https://www.zenarmor.com/docs/guides/best-practices-for-zenarmor-deployment
You can use the block untrusted device option to deny unwanted network connections to your network in Zenarmor policy.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Best practice for an Open Wifi Network