Guest Network Security Problem

Currently on Flint2 running latest beta openwrt-mt6000-4.6.2-0628-1719570657 and noticed a problem when connected to a guest SSID which should theoratically isolate the connected device from other clients on the network. I have, however noticed that I can very easily access the parent router in front of my Flint2 which would mean that the guest device has free and unfettered access to the WAN side of my network.

I have not tried replicating this on prior firmwatre versions but looks like something is not right here.

That's not an issue because that's how networks work. Security is only for your segment - not for ones upper than that.

You can always access the parent router because it's the next hub. To avoid this, you need to secure the parent router itself, using firewall rules to avoid the guest network connecting to the upper routers interface or you can use VPN on the guest network without activating "Allow Access WAN" (See VPN Dashboard - GL.iNet Router Docs 4)

1 Like

Thanks for the reply. I will have to start looking at an efficient way to prevent this without compromising owner's ability to access WAN device.