Stations are connected to different SSIDs with NAT mode enabled, but are able to discover each other
Options
Zyxel_JoyLee
Posts: 154 
Zyxel Employee
Zyxel Employee
in SSID
The NAT mode of an SSID is used to assign IP addresses to devices when there is no gateway or router in the environment to provide DHCP service. However, it is not a true Layer 3 isolation mechanism and cannot fully isolate devices from each other.
To prevent devices on different NAT-mode SSIDs from communicating with each other, enable the Guest Network function. This will automatically create firewall rules to isolate wireless clients.
- Go to Site-wide > Configure > Access points > SSID settings and enable “Guest Network"
2. Go to Site-wide > Configure > Access points > SSID advanced settings and the firewall rule is enabled
0
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 229 Nebula Ideas
- 130 Nebula Status and Incidents
- 6.6K Security
- 661 USG FLEX H Series
- 359 Security Ideas
- 1.8K Switch
- 86 Switch Ideas
- 1.4K Wireless
- 56 Wireless Ideas
- 7.1K Consumer Product
- 305 Service & License
- 497 News and Release
- 95 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 5K FAQ
- 34 Documents
- 89 About Community
- 110 Security Highlight