FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

12691 questions

15070 answers

24150 comments

47147 members

0 votes
373 views 1 comments
by
Hi!

I would like to deny a specific client to get WAN access, but still be accessable on the LAN side.

I think I could maybe use "Traffic Rules", but there is no "add new rule" button, I can only edit the already exist rules :s.

2 Answers

0 votes
by

Hi,

You are correct in assuming that it can be done using the "Traffic Rules" page. You can add a rule by using the "New Forward Rule" section.

To block a specific client from WAN access, add a rule like this:

Then in the rule editing window set up your rule like this:

  1. Protocol: All.
  2. Source zone: lan.
  3. Source address: IP of the client to block.
  4. Destination zone: wan.
  5. Action: drop.

Setting it up like this will deny WAN access for the specified client while leaving LAN communication untouched.

Also, as another answer suggests, you can use the Custom Rules page to set up the same thing. In many cases it can be even more convenient, but it requires you to know iptables syntax.

Hope this information is helpful.

Good luck,

DM

Best answer
by
Thank you for a very good and detailed answer! Now I can block my IP cameras for "reaching out", but still have outgoing internet connection to my Blue Iris, even if they are in the same VLAN!
0 votes
by

Hi,

You can use CUSTOM RULES for defining your own rules.