[SOLVED] Block OPT1 to Lan



  • Hi,

    I like to have a private network (Secured router on Lan) and open network managed by the Captive portal (open router on OPT1)
    I just read that normally all traffic from opt1 to lan is blocked.
    but here it's not and now I think it's because the NAT: Port Forward that is active (servers are on the lan)

    I have bin working on this project all day and feel a fix is close :)

    I hope someone can tell me how I can make sure that clients on OPT1 only can access the web and not Lan
    but leave the web servers accessible from the web.

    Thanks in advance.
    RcktBOY



  • You can create three rules, be sure that you apply those on opt1 interface
    allow tcp/udp from opt1subnet to server_public_ip_alias
    block * from opt1subnet to lan
    allow * from opt1subnet to any



  • @Metu69salemi:

    allow tcp/udp from opt1subnet to server_public_ip_alias
    block * from opt1subnet to lan
    allow * from opt1subnet to any

    Thanks, it works now :)



  • Good to hear


Locked