TechSpot

Router: Blocking ports only on Wi-Fi?

By bielius
Apr 6, 2012
Post New Reply
  1. Hey,

    Our family rents apartments here where I live. And there's a router in my room which guests use too. Since we don't have awesome internet connection, it really annoys me when guests download something via Wi-Fi. So my question is, Is it possible to block ports only for Wi-Fi users, but leave all ports open for cable users?

    I googled but did not find anything related.. hope to get an answer here.

    Big thanks ! :)
     
  2. Tmagic650

    Tmagic650 TS Ambassador Posts: 20,872   +166

  3. bielius

    bielius TS Booster Topic Starter Posts: 228   +14

    Thanks, but this will block ports for both cable and Wi-Fi users, right? Because I am cable connected to the router and I want to download stuff, while I do not want guests to do that.
     
  4. Cinders

    Cinders TechSpot Chancellor Posts: 1,313   +12

    I think you'd have to log into your router's Admin page and take a look at the restrictions available for WIFI.

    I took a look at mine and all the restrictions seem to apply to the WAN which would cover both the switch (cable) & WIFI.

    You could set up a guest account on a second router that was plugged into your switch and do as you pleased, or at least that's what I could do. :)
     
  5. bielius

    bielius TS Booster Topic Starter Posts: 228   +14

    Ahhh, that is right Cinders! I have one router? Without Wi-FI just laying around here. I will try different stuff and see if i can hook up those two to get what i need :)

    thanks for the help, i really did not think about that lol.
     
  6. jobeard

    jobeard TS Ambassador Posts: 13,426   +317

    I share a cable router with roommates & guests and have this solution for
    isolating 'trusted systems' from guest systems:

    1) use address reservation to ensure trusted users are in a known lan address range
    eg: 192.168.0.2-192.168.0.9

    2) let the DHCP assign guests to anything from 192.168.0.10-20 (thus a limit of 19 connections)

    3) in the firewall define 'local-lan' group as (1)

    4) ports on local-lan(1) can then be allowed

    The extrapolation for you would be to add disallow 192.168.0.10-192.168.0.20,
    set the QoS for these addresses to something terrible
    and perhaps add a port forward on those addresses to an unused lan address
    like 192,168,0,254. This is highly dependent upon the features of your router and
    firewall.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.