Block Lan Traffic while maintaning wan

I'm setting up a hotspot and I need to set it so my users can't connect ot other users, while still being able to connect to the internet. Any ideas would be great, thanks.

 

you may be able to create a rule in your router.

Action Name source Destination Protocol

Deny ---default -- LAN *.* -- LAN *.* -- *.*

In router language it says to deny any lan traffic to any other computer on the lan. It should still let lan traffic out to WAN. Havn't tried it though.

 

Where would I put that in the router? I have a Linksys BEFVP41

 

You need to explain this a little more. Are you trying to prevent users from accessing each others machines while connected to the hotspot, or trying to restrict hotspot users from machines that are on the same network but are not hotspot users?

You have a WAN and one LAN? One router, the BEFVP41?

 

It should be the access restiction tab.

my D-link looks like this

Though what I typed below is not depicted in the photo you get the idea about Deny ---default -- LAN *.* -- LAN *.* -- *.*

 

Basicly User connects and can access the internet but I do not want them to be able to connect to other computers on the network.

 

That's very difficult (if not impossible) to do. This is because you can connect to another computer without any router intervention. You DIRECTLY connect to that other PC. It goes like this:
PC A wants to connect PC B @ IP X.X.X.X. PC A's network card (NIC) sends out an ARP request packet for X.X.X.X. PC B will reply with an ARP reply that it is located at MAC adress A:B:C:E:F. PC A now has everything it needs to send data directly to PC B. LAN communication is done using MAC addresses, not IP addresses. IP addresses are always resolved to MAC before anything is transmitted.
This applies to wired as well as wireless LANs, since both conform to Ethernet specs.

 

You could do it with a router that had two LAN connections and a WAN connection. You would place your hotspot users on one segment (a) and your normal users on another segment (b). With rules you could block ALL access from segment (a) to segment (b) and (b) from (a) while allowing both (a) and (b) to reach (c) and beyond.

This would require a router similar to a Cisco 2500 series router.

 

Though this is true, does not each network card have to be in adhock mode? If one or both cards are in network mode they will only talk to AP's or routers.