FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
490 views 1 comments
by anonymous
Hi!

I would like to deny a specific client to get WAN access, but still be accessable on the LAN side.

I think I could maybe use "Traffic Rules", but there is no "add new rule" button, I can only edit the already exist rules :s.

2 Answers

0 votes
by anonymous

Hi,

You are correct in assuming that it can be done using the "Traffic Rules" page. You can add a rule by using the "New Forward Rule" section.

To block a specific client from WAN access, add a rule like this:

Then in the rule editing window set up your rule like this:

  1. Protocol: All.
  2. Source zone: lan.
  3. Source address: IP of the client to block.
  4. Destination zone: wan.
  5. Action: drop.

Setting it up like this will deny WAN access for the specified client while leaving LAN communication untouched.

Also, as another answer suggests, you can use the Custom Rules page to set up the same thing. In many cases it can be even more convenient, but it requires you to know iptables syntax.

Hope this information is helpful.

Good luck,

DM

Best answer
by anonymous
Thank you for a very good and detailed answer! Now I can block my IP cameras for "reaching out", but still have outgoing internet connection to my Blue Iris, even if they are in the same VLAN!
0 votes
by anonymous

Hi,

You can use CUSTOM RULES for defining your own rules.