10948 questions

13055 answers

20356 comments

27890 members

0 votes
105 views 0 comments
by
Hello everyone,

I want to achieve something with a new RUT360 but not sure how to do it...

I want to have 2 LANs fully separated. The fist (LAN1) will be connected to eth0 and the DHCP with RUT360 as DHCP server on 192.168.1.xxx  subnet. The second (LAN2) will be connected to eth1 but with another router as DHCP server on subnet 192.168.201.xxx. I want to block all packets between these 2 LANs except I want to only transmit the broadcast packets addressed to port UDP 7000 from LAN2 to LAN1 (broadcast as well). Can someone help me with this? I'm a bit lost between interface bridges, VLANs, zones and port forwarding rules...

Thanks a lot for your help,

1 Answer

0 votes
by

Hello and thank you for contacting us, this is Martín, Tech Support Engineer from Teltonika Networks.

To do this setup, you will first need to set up Port-Based VLAN's, assign them each to a specific LAN interface, configure each LAN to have Static Addresses and setup DHCP a DHCP server where required, and also, configure a Firewall between the two LAN's.

The following configurations are for the firmware 07.01.4. Please enable the Advanced mode in order to see all the settings.

First, to fully separate the 2 LAN's you need to make a port-based VLAN. Instructions on how to do so can be found here. After creating the two VLAN's, new virtual names for the phyisical interfaces will be created, so please keep in mind which interfaces belong to each port you plan on using for the VLAN's.

Then, you must head to Network>Interfaces, create a new interface by using a descriptive name, and afterwards, click on the pen icon to edit the settings of each LAN. For the LAN1, you must select the Static protocol, write the LAN IP address settings you plan on using, and afterwards to set up DHCP proceed by clicking on the "Setup DHCP Server" button and configuring accordingly. Then, you must go to Physical Settings and select the according interface. This will link the created LAN to the specific port of the device.

For LAN2 you must repeat the process for LAN1, and select Static IP address, but don't setup a DHCP server, and this too needs to be linked to its correct physical interface.

The creation of these interfaces will also create firewall zones, and this allows the creation of custom rules between zones. To continue with your setup, you must then create firewall rules to allow only the traffic from LAN2 to LAN1 trough port 7000 with UDP. Detailed instructions on how to use the Firewall for the RUT360 can be found here.

Finally, our Wiki has documentation about our devices and features, and configuration examples which can be useful to help you configure this setup. You can access our Wiki on the link here.

I remain attentive to any further comments.