Multi access point with server filtering.

virtualliquid

Topology

Wan - internet facing
Lan nic - hard wired lan in building
opt1 nic - wifi ap 1 - not bridged to anything. 192.168.1.150 - 192.168.1.250 ( No access to Lan resources ) as it is not bridged
my second AP is plugged into the LAN - Here is my problem.

My problem is that if you connect to my first access point on the OPT1 nic you do not have any access to the LAN resources, this is what I want as it is a guest network ( open wifi )
My second AP is on a different channel very far from first AP but it is directly plugged into the LAN, if you connect to this you have access to the LAN resources, this is bad for obvious reasons.

What I would like to know is if it is possible to do some sort of MAC filtering to only allow certian computers on the network access to the other lan resources such as my \server and block all other connections not allowed or white-listed on the filtering rules? Is there an add-on or some way to do this.?

kejianshi

I'm assuming all these things are connected via a single switch or set of chained switches.

Any resources connected to the same switch(es) can't be firewalled as you suggest.

You can create a bunch of VLANS and use a VLAN switch and firewall rules to accomplish this though.