[SOLVED] Block OPT1 to Lan
-
Hi,
I like to have a private network (Secured router on Lan) and open network managed by the Captive portal (open router on OPT1)
I just read that normally all traffic from opt1 to lan is blocked.
but here it's not and now I think it's because the NAT: Port Forward that is active (servers are on the lan)I have bin working on this project all day and feel a fix is close :)
I hope someone can tell me how I can make sure that clients on OPT1 only can access the web and not Lan
but leave the web servers accessible from the web.Thanks in advance.
RcktBOY -
You can create three rules, be sure that you apply those on opt1 interface
allow tcp/udp from opt1subnet to server_public_ip_alias
block * from opt1subnet to lan
allow * from opt1subnet to any -
allow tcp/udp from opt1subnet to server_public_ip_alias
block * from opt1subnet to lan
allow * from opt1subnet to anyThanks, it works now :)
-
Good to hear