Changes

VLAN Inter-Zone accessibility control configuration example test (view source)

Revision as of 14:33, 24 September 2024

532 bytes removed ,  Tuesday at 14:33
no edit summary
Line 45: Line 45:  
To start with, we will need to create new firewall zones: LAN1, LAN2 and LAN3. To add new zones, navigate to '''Network -> Firewall -> General Settings'''. In the Zones section, press ADD button to add a new zone.
 
To start with, we will need to create new firewall zones: LAN1, LAN2 and LAN3. To add new zones, navigate to '''Network -> Firewall -> General Settings'''. In the Zones section, press ADD button to add a new zone.
   −
[[File:Addnewfwzone1.png|border|1000px|class=tlt-border|]]
+
[[File:Addnewfwzone1v1.png|border|1000px|class=tlt-border|]]
    
A new window will open, there configure the settings according to the points below and press Save & Apply.:
 
A new window will open, there configure the settings according to the points below and press Save & Apply.:
Line 57: Line 57:  
'''Note''': By setting the Input and Output zones to '''Accept''' traffic is allowed to enter and leave the zone. '''Forward: Reject''' blocks communication between zones - this is a default policy. '''Inter-zone forwarding''' section can be used to modify the default behavior of the Forward zone and allow communication between zones.
 
'''Note''': By setting the Input and Output zones to '''Accept''' traffic is allowed to enter and leave the zone. '''Forward: Reject''' blocks communication between zones - this is a default policy. '''Inter-zone forwarding''' section can be used to modify the default behavior of the Forward zone and allow communication between zones.
   −
[[File:Lan1zonesettings.png|border|class=tlt-border|]]
+
[[File:Lan1zonesettingsv2.png|border|class=tlt-border|]]
    
----
 
----
Line 79: Line 79:  
Newly created firewall zones should look like this:
 
Newly created firewall zones should look like this:
   −
[[File:Newlycreatedfirewallzones.png|border|1000px|class=tlt-border|]]
+
[[File:Newlycreatedfirewallzonesv2.png|border|1000px|class=tlt-border|]]
   −
----
  −
  −
Now, to attach these zones to the corresponding interfaces, we need to go back to the Network Interfaces tab ('''Network -> Interfaces -> General'''). Click edit on the lan interface and navigate to Firewall settings. In Create / Assign firewall-zone section, select lan1:
  −
  −
[[File:Interfacesfireewallsettings.png|border|class=tlt-border|]]
  −
  −
Follow these steps to attach the corresponding zone to the interfaces:
  −
* lan2 interface – firewall zone lan2
  −
* lan3 interface – firewall zone lan3
      
==Inter-zone forwarding use examples==
 
==Inter-zone forwarding use examples==
Line 104: Line 95:  
If '''lan1''' to '''lan2''' communication is allowed, zone settings should look like this:
 
If '''lan1''' to '''lan2''' communication is allowed, zone settings should look like this:
   −
[[File:2022-12-14 12-52 lan1 and lan2.png|border|class=tlt-border|]]
+
[[File:Lan1tolan2.png|border|class=tlt-border|]]
    
Testing the communication between '''lan1''' and '''lan2''':
 
Testing the communication between '''lan1''' and '''lan2''':
Line 122: Line 113:  
Zone settings after these changes should look like this:
 
Zone settings after these changes should look like this:
   −
[[File:2022-12-14 12-57 zones after changes.png|border|class=tlt-border|]]
+
[[File:Zonesfterchanges.png|border|class=tlt-border|]]
    
Now the communication between '''lan1''' and '''lan3''' works:
 
Now the communication between '''lan1''' and '''lan3''' works:
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/132975"

Navigation menu