First of all, the best thing you can do to isolate hotspot users from your existing network, is to put the hotspot router directly to the internet connection (first router in your network). Then connect other routers to the hotspot router. That way, the hotspot users won’t see other part of your network.

Furthermore, there are several tricks you can do based on your hardware/firmware you are using:

(Note that if you have a local DNS on the restricted subnet, then the hotspot will not work. )

Suggested setup is to put the dd-wrt hotspot router as the first router on your network (connected to an ADLS modem for example), then connect the hotspot router to your office router. That way, hotspot users won’t be able to see your office network.

Did this answer your question?