Hi,
Im trying to block client-to-client traffic and at the same time allow some external networks to initiate sessions with wirless clients. Ive tried to add the following rules, which deny clients-to-clients traffic but also block external networks to contact clients.
allow any on server 10.95.0.1(gateway)
deny any to network 10.95.0.0/24(wireless subnet)
allow any to all destination
Whats the best practice in this situation?