Community discussions

 
clu
just joined
Topic Author
Posts: 3
Joined: Sat Oct 28, 2017 4:55 am

HAP AC Restrict Eth Port

Wed Nov 01, 2017 12:28 am

Im relatively new at this. Im using a HAP AC as a router, firewall and Wireless Access Point. I have everything setup and running for a basic setup. I want to take this to the next level...

I put all of my IoT devices and IP phone devices on LAN port eth5. I want to set it up so these devices on eth5 can only access the WAN via eth1 but not have access to LAN eth2, eth3 and eth4. Basically isolate them from my main network. Im reading about "subnets" and "bridges" but not exactly sure if this is what I need. I don't know what I don't know. :-) Can someone point me in the right direction and possibly provide some command line examples or other help to set this up? Thank you.
 
User avatar
matiaszon
Member
Member
Posts: 305
Joined: Mon Jul 09, 2012 9:26 am

Re: HAP AC Restrict Eth Port

Thu Nov 02, 2017 11:43 am

I think the easiest way is to:
1) create a bridge and add ether2, ether3 and ether4 ports,
2) assign IP to that bridge (let's say it will be 192.168.1.1, network 192.168.1.0/24),
3) create DHCP for that bridge,
4) assign IP for ether5 (let's say 192.168.2.1, network 192.168.2.0/24),
5) create DHCP for ether5,
6) create filter rules that won't allow to communicate between networks 192.168.1.0/24 and 192.168.2.0/24.

Who is online

Users browsing this forum: MSN [Bot] and 28 guests