Seperate the Guest WIFI from the internal network

March 2, 2018 in meraki ‐ 1 min read

The idea is a very basic task in every company. You have two wifi’s, one for employees and one for guests.

The guest wifi is not supposed to access internal resources.

Setup

At first you go to Wireless > SSID.

image

Here you select your guest wifi (or add one) and select edit Settings.

image

Alternativley, if you already configured a guest wifi, you can go to Wireless > Access Control.

image

Here you select the correct SSID, decide if users should be redirected to a Splash Page when connecting to this wifi and then select NAT mode. This setting isolates the client in a separate network and blocks communication between each of the connected devices.

After that you save the canges BEFORE clicking on SSID firewall settings.

image

The correct ID should already be selected. Change the already existing firewall rule commented “Wireless clients accessing LAN” to Deny.

image

Now Clients connected to that wifi should not be able to reach resources from the LAN anymore.

Cheers, Ori