I have a Private LAN with a Gateway to its ISP using a router.
I want to be able to set up an Aaccess Point that uses the "Captive Portal Page" feature on an isolated WiFi network that will only give access to the internet and NO other services on the Private LAN.
The closest I have got to this working is to have the Private LAN connected to the WAN side of Monowall and the Public WiFi network on the LAN side.
The problem is the Monowall Console is only accessible from the LAN side and the cleints connecting to the LAN port of Monowall can access other PCs on the WAN side.
I am a bit confussed as I would have expected this to work the other way around (i.e. WAN side being the public side) but could not find a configuration that worked.
Essentially I am looking for inforamtion that shows how to configure Monowall to control access to Clients on one port and only route internet access via the private LAN's gateway address and nothing else.
Appreciate any comments appreciated.
you will need 3 NICs, one for WAN one for LAN, and one for the untrusted WAP.
Then set up a deny all to LAN rule on the untrusted WAP.
Topic: Guides for public hotspot on private LAN