hello i am beginner, i have 2 IP DHCP and i want to make Isolation,
IP1=10.10.0.1/16
IP2=192.168.1.1/24
and how to make user1 10.10.1.15 can’t go user 2 192.168.1.14
1st rule)
Prevent 10.10.1.15 to perform connection to 192.168.1.14
ip firewall filter add action=drop src-address=10.10.1.15 dst-address=192.168.1.14 chain=forward
2nd rule)
Prevent 192.168.1.14 to perform connection to 10.10.1.15
ip firewall filter add action=drop src-address=192.168.1.14 dst-address=10.10.1.15 chain=forward
Do you want single user access to single user access blocked or was that only an example and you want the TWO LANS to be isolated from each other.
If the latter, the rules implemented above wont work if they are all on the same LAN interface list from my limited understanding. The IP firewall rules will work at layer3 only but not at layer 2.
Suggest putting one LAN on a bridge and the other not on the bridge or use two separate bridges which will block at layer 2.
I might have that mixed up but thats what happens when you get advice from fellow newbies. 