I have a few IP Cameras I wish to setup, unfortunately, I don’t wish those cameras to have access to the net (It seems like a horrible idea, especially considering I cheaped out when buying them and they have some of the worst firmware I’ve ever seen). What I want to do is have an array of interfaces which are only allowed to speak with the server that will be recording the video footage, but, I also wish that server to talk to other devices/the internet. What’s the best way of doing this?
Basically, ethx can only talk to ethy, but ethy can talk to everything it would normally be able to talk to.
Thanks.
A. There is SRC MAC ADDRESS field in the firewall rule - the Advanced Tab. Use it to limit access to Internet.
B. You can also set them some known static addresses and then make address list pool via “address lists”
and use that address list in the same Advanced Tab to block the camera pool addresses.
C. Connect them to switch, that switch to the particular port in the router, and limit that port accessing Internet. Such switch could be also part of MT router eg. RB2011 and than all ports except one should be slaves and then limit traffic from master port.
D. Set cameras to different IP pool than your regular one in the router and filter traffic from that cameras’ pool
E. Mix any from above 