Block a local IP range from an interface



  • Need some help or ideas here. I'm wanting to block 10.1.1.1 - 10.1.1.199 from having access to another interface I have created that is to be dedicated to a VOIP system. Problem is the VOIP has to be able to use 10.1.1.200 - 250 or only allow 200 - 250 to access this other interface which has an IP gateway of 10.2.2.1.

    Any ideas? I'm almost thinking that a vlan may be best.


  • Netgate Administrator

    So these are two separate interfaces?

    I'm not sure I understand the problem correctly.

    Just put a firewall rule in place blocking those IPs. Use an Alias to group them to make it easier.

    Steve



  • Yes. there are currently 4 interfaces at this time. Cable, DSL, LAN, SHARE & VOIP.

    Ahh. That is what I needed to know. I just want to block machines from going down the wrong gateway.


  • Netgate Administrator

    Still not sure I understand the issue. A diagram might help here if you can't solve it yourself.

    Steve