Inherited System - question from Ubiquiti guy.

Hi everyone, 

So far in my life ive been a Ubiquity guy.  Be nice.  But Ive inherited a vast amount of e600 units.  Cool.  Made myself a new account on cnMaestro.  Setup some basic stuff, cool.

So here is my questions now.  I want to make a WLAN that connects devices with internet only, and restrict access to say subnets, etc.  Where do I do this?  

second question of the moment is regarding the 'client isolation' option.  Does 'disable' mean they are all part of the LAN and can see/talk to eachother? Then what is the difference between local and 'network wide'?  Thanks,

- Client Isolation

  • If you want to restrict client communication within an AP, please enable "Local" mode.
  • If you want to restrict client communication across AP in same subnet, plesae enable "Network Wide" mode. When this mode is selected, AP will learn Gateway of WLAN VLAN automatically and triggers keep-alive mechanism.
  •  If you want to restrict client communication across AP in same subnet, plesae enable "Network Wide Static" mode. When this mode is selected, Gateway MAC of WLAN VLAN has to configured by User. No keep-alive mechanism.


  • To restrict access to subnet, use WLAN ACL for wireless client restriction.
    • Please refer Userguide w.r.t configuration in Chapter 8.
1 Like

To confirm, leaving it as disable allows all clients to speak to eachother, all the time, no restrictions, yes?

Yes. If option "Disabled" is selected, there is no restriction of traffic between client to client 

1 Like

Hi - how is the system working for you?

Where is the userguide with Chapter 8?  

The most recent user guide for cnPilot products is available at
Sign-in using your forum ID (may need to convert your account)
Select downloads
Select cnPilot group and select the line that has the correct radio you are looking for. The current version is 4.0 as of this posting date.


Thanks, I think i have it.

DHCP on my local network is  

So I setup an ACL that is Deny, from Any direction, type: IP, source rule of ANY, destination of

Trouble is, would that not block traffic to the router of

Could you please share tech-support. It will help us to provide you with appripriate ACL rules as per your requirement. 

Please send details of your requirement and tech-support to or if you are using cloud cnMaestro, please invite me to your account. 

Thank You.