Hi, I need a little help with hotspot scenario. We have a little hotel with one internet access and now we want to allow our guests to access internet too. So we have both RB751G-2hnd. This is our network configuration:
Internet
l
ADSL modem (dhcp-on)
l
switch (office lan-not manage switch)
l l
office PCs Miktorik (hot-spot)

Hot spot is configured on wlan1 interface and gest auth. works. Guests have internet access but also to our office network. So that is the problem guest’s access to our network. How we can’t deny that so the guest have only access to internet. Miktorik I connected over WAN(port 1-dhcp client) to our switch.
Any suggestions please.

Is your ADSL modem acting as a router with DHCP server? Can it be put in bridge mode so that the routerboard acts as the router/DHCP server?

Is your ADSL modem acting as a router with DHCP server? Can it be put in bridge mode so that the routerboard acts as the router/DHCP server?

Yes

The best solution would probably be to put the ADSL modem in bridge mode then connect the RouterBoard such that the Hotspot is on one interface and the office switch is on another - then use Forward chain filters to ensure that traffic is permitted/denied as required.

The best solution would probably be to put the ADSL modem in bridge mode then connect the RouterBoard such that the Hotspot is on one interface and the office switch is on another - then use Forward chain filters to ensure that traffic is permitted/denied as required.

Can you please put some example?

Ok I think i solved the problem. Under firewall I have added rule to drop communication between two subnets, local subnet for office PCs and hotspot clients.