Temporarily restricted guest access
-
I have a pfsense router for my home. My WiFi is an Orbi mesh coming through one port on a managed switch.
My neighbor’s internet is out and Frontier says they won’t be out to fix for a few days. In the interim I thought about giving them one of my mesh APs for a few days. Orbi has no controls. I tested the “guest” WiFi function and can still access all my local shares.
Is there an EASY way to allow him access to my internet for a few days and keep him out of my local shares? With IoT I probably have 60 devices on DHCP. Not certain how I could write a firewall rule allowing access for all current leases while only directing traffic for the few he’d connect for a few days.
Thanks for your feedback.
-
Can you provide WiFi on a separate subnet? You could then use the rules and routing to allow him only access to the Internet. Here are my rules for guest WiFi.
-
Unfortunately it’s my only WiFi. So if I restrict him, I restrict myself, my wife, and all our current devices connected via WiFi.
-
Then there's nothing you can do. If they're on your WiFi, they're on the same subnet as your stuff and pfSense won't affect anything within that subnet.
Does that mesh device support VLANs and multiple SSIDs? If so, you could set up another subnet that way. My guest WiFi uses a 2nd SSID & VLAN.
-
Unfortunately, the ORBI devices have no meaningful settings adjust for this.
-
@optimus-prime
If he has an wifi AP you could connect it to your switch and configure a separate subnet for the guest wifi.