On Mon, 18 Jul 2016, Bonno Bloksma wrote: > This looks to be impossible. The whole idea of having 1 network > segment is that members can communicate directly over layer 2 without > ant router/firewall in between.
Actually, it is very much possible, but it needs cooperation from the network equipment (switch or wireless AP/router). https://en.wikipedia.org/wiki/Private_VLAN Wireless APs and routers often have a feature that can be enabled to "isolate clients" which is similar to a private vlan where all ports are private except for the uplink. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
