4. Block LAN access from a computer on the LAN

Block LAN access from a computer on the LAN

  • M

    Hello.
    I have a testserver on my LAN (on a esxi host) that i don't want access to the rest of my LAN, only traffic out to the WAN.
    How do I this? Can I do this with some firewall rules?

    One option would be to add a second NIC to the esxi host and get a second IP range that cannot connect to the original LAN subnet but I would prefer to not buy a new NIC…

    0

  • @mrhub:

    One option would be to add a second NIC to the esxi host and get a second IP range that cannot connect to the original LAN subnet but I would prefer to not buy a new NIC…

    This.
    If you dump it on the LAN, the traffic will not hit the firewall if it is going to another host on the LAN.

    0
  • P

    The only way to the separate it from the LAN. This means either putting it on its own vLAN or its own physical switch/NIC. Once it is on a different subnet, you can control how the traffic goes out to the internet or LAN. If it has a application FW like Microsoft FW, you could use that, but it could easily be disabled.

    0
  • M

    I used VLAN to solve it, works like a charm! :)
    ESXi can tag traffic out from the host.
    If anyone is interested I can make a more detailed description how I did it.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy