Hi all. I'm trying to figure out my inter-VLAN routing (disabled or enabled) results. Here's my basic setup:
1 x RV345P
2 x WAP571 (clustered, so for this post might as well be one wap)
1 x computer connected to the Guest WiFi network (the captive portal) on the WAP571
1 x computer connected by ethernet to a LAN port on the RV345P
The goal is to test whether I can successfully prevent Guest WiFi users from connecting to anything on the internal LAN. I'll pause my post at this point and ask that if anybody has a list of best practices or step by step on this topic, please share. I had to manually trial & error my way to a successful setup.
Alright so, on the WAP and RV, I have created VLAN 2 and this is menat as the Guest WiFi one. It's a Tagged VLAN, no VLAN management on this ID, and I have assigned a DHCP server to this VLAN 2 so it's a totally different IPv4 subnet than the DHCP server on the LAN.
On the WAP I have Captive Portal set up and working.
So the question is this: on the RV under LAN > VLAN Settings, I have my VLAN 1 at default settings and my VLAN 2 set but with inter-VLAN Routing disabled. When disabled, I was not able to ping between the two computers, so that was ideal. So a to be thorough for testing, the idea was to enable/disable it a few times, doing ping tests from computer to computer in both directions each time, to ensure consistency.
What I found was that the ocmputer on the LAN side cannot ping the computer on the Guest WiFi, however, the computer on the Guest Wifi CAN ping the computer on the LAN side, even after I disabled the inter-VLAN Routing again. Generally speaking though, I notice that as well as I disable or enable inter-VLAN routing, the effects are immediate (ie: the computer that could not ping the other, can suddenly ping the other).
So is there some refresh interval I'm not aware of, or perhaps a bug in the RV or WAP or something, that doesn't like my toggling inter-VLAN routing on and off?
I have not yet tested rebooting the gear.
I hope this post makes sense, sorry it's a bit long. Thank you!