11447 questions

13643 answers


32146 members

0 votes
168 views 7 comments


I have a setting where three pcs are connected to the RUT955 (firmware version RUT9_R_00.07.00.2.).

I want to have a setting were those three clients are seperated from each other (and only can communicate when they are connected to VPN )

My problem is, that they are seeing each other from the beginning.

They are in different subnetworks: and have a networkmask in the wired settings with

When connected to the RUT955 they can ping each other.

How can I seperate them?

As a try I changed the IP addresses of two clients to
and I tried to insert a Firewall Zone rule like this:

where I tried both all option with rejecting and dropping, hoping I could manage this way to prevent them to see each other when I put them in 5.x ranges.

But it didn't resulted in any different behavior.

Could you please help me to seperate my clients some how?

1 Answer

0 votes


Thanks for contacting TELTONIKA | Crowd-support forum. 

It’s possible to separate your client by adding a traffic rule.

With Traffic rules, you can filter traffic moving through the device based on IP address, Network segment, Mac address, Zones, Protocol, Port.

Enter in your router’s WebUI, go to Network > Firewall > Traffic Rules and scroll down to the bottom of page, there’s a section for ADD NEW INSTANCE, select Add new forward rule, source zone = lan and destination zone = lan.

The example below would not permit the devices in the network to communicate with devices in the network 

If you want to block the communication from the other sense, you have to add new rule, just changing the network segment.

Should you need any additional information please let us know.

Best Regards

Best answer

thanks for your help and sorry for the late response!

I still can't make it working.
I have one pc with and the other one with

I tried the following traffic route but still was able to ping 192.1668.5.5 from

Can you provide a screenshot for your example? I think you ment to do so as you wrote "the example below ... "

Thanks for your help :)



Please find below the screenshot for the example:


Best regards,



mhhh ... it's still not working I still can ping from eventhough I changed it to

sourceIp and destination to

Can you see were I might have made a missconfiguration? I hit apply in the menu and the /firewall/rule menu.
What could I be missing?


Hello again,

The change would take some minutes to be applied. 

Try to reboot your device.


Best regards,

I plugged my router out and in again, waited until it was up and tried again, but I still reach the other PC ... :/
And after I rebooted the device over the router settings as you suggested it is still not working ...
Hello again,

seems like I can ping but connecting via ssh or similar is successfully blocked :)

So thank you for your help, it seems to be working and pinging is not the way to test :D