WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

RUT955 how seperate clients

0 votes
386 views 7 comments
by anonymous

Hi

I have a setting where three pcs are connected to the RUT955 (firmware version RUT9_R_00.07.00.2.).

I want to have a setting were those three clients are seperated from each other (and only can communicate when they are connected to VPN )

My problem is, that they are seeing each other from the beginning.

They are in different subnetworks:

192.168.5.1
192.168.6.1
192.168.7.1 and have a networkmask in the wired settings with 255.255.255.0

When connected to the RUT955 they can ping each other.

How can I seperate them?

As a try I changed the IP addresses of two clients to
192.168.5.1
192.168.5.2
and I tried to insert a Firewall Zone rule like this:

where I tried both all option with rejecting and dropping, hoping I could manage this way to prevent them to see each other when I put them in 5.x ranges.

But it didn't resulted in any different behavior.


Could you please help me to seperate my clients some how?

1 Answer

0 votes
by anonymous

Hello

Thanks for contacting TELTONIKA | Crowd-support forum. 

It’s possible to separate your client by adding a traffic rule.

With Traffic rules, you can filter traffic moving through the device based on IP address, Network segment, Mac address, Zones, Protocol, Port.

Enter in your router’s WebUI, go to Network > Firewall > Traffic Rules and scroll down to the bottom of page, there’s a section for ADD NEW INSTANCE, select Add new forward rule, source zone = lan and destination zone = lan.

The example below would not permit the devices in the network 192.168.20.0/24 to communicate with devices in the network 192.168.30.0/24 

If you want to block the communication from the other sense, you have to add new rule, just changing the network segment.

Should you need any additional information please let us know.

Best Regards

Best answer
by anonymous

Hi,
thanks for your help and sorry for the late response!

I still can't make it working.
I have one pc with 192.168.7.5 and the other one with 192.168.5.5

I tried the following traffic route but still was able to ping 192.1668.5.5 from 192.168.7.5


Can you provide a screenshot for your example? I think you ment to do so as you wrote "the example below ... "


Thanks for your help :)

by anonymous

Hello, 

Please find below the screenshot for the example:

https://community.teltonika-networks.com/?qa=blob&qa_blobid=11770377308301041120

Best regards,

by anonymous

Hi,

mhhh ... it's still not working I still can ping 192.168.5.5 from 178.168.7.5 eventhough I changed it to

sourceIp 192.168.7.0/24 and destination to 192.168.5.0/24

Can you see were I might have made a missconfiguration? I hit apply in the menu and the /firewall/rule menu.
What could I be missing?

by anonymous

Hello again,

The change would take some minutes to be applied. 

Try to reboot your device.

https://wiki.teltonika-networks.com/view/RUT955_Reboot

Best regards,

by anonymous
I plugged my router out and in again, waited until it was up and tried again, but I still reach the other PC ... :/
by anonymous
And after I rebooted the device over the router settings as you suggested it is still not working ...
by anonymous
Hello again,

seems like I can ping but connecting via ssh or similar is successfully blocked :)

So thank you for your help, it seems to be working and pinging is not the way to test :D