WISP Network Security

I’m planing to start a canopy-based WISP network.
How would I avoid two customers with SMs registered on tha same AP from seeing each others shared folders?

Is this an addressing issue, or does canopy have a parameter that can be set in order to keep these data flows separated?

Additional info:
- I’m planning to use private addressing for the radios (administrative network)
- Will need to work with both public and private addressing at the same time depending on my customers.


If you’re getting your data from an outside pipe, you will need to separate your network with a quality router. As for the two SMs on the same AP, this is definitely an addressing issue. Make sure that you keep each individual SM’s IP separated by a subnet mask, so the users cannot see each other’s IP. As for setting up a private network, this seems to be the best way to go… at least it has been for our network.

Good luck!

I think you should enable NAT on the SMs if you have upgraded the firmwire to 4.2.1 or 4.2.3.And also do some packet filtering as well.

you can try the filtering that was added in the new firmware release, you can filter SMB (network neighborhood), and also specify 3 ports to filter. This should keep them from seeing each other, have not tested it, but i am filtering ports 137-139 on each SM, just as an added precaution (even though filtering SMB should filter these ports anyway)