WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

RUT240 disable internet over WAN (LTE) for wireless clients

0 votes
2,286 views 3 comments
by
Hey guys,

i hope somebody can help me with the following task. I want to use RUT240 devices to connect an embedded device to the internet. Accessing the internet should only be possible by the embedded device which is connected to the LAN port directly. The wifi interface should only be used to configure the router and accessing the device.
 

Because the sim plan is only very limited (iot plan) i want to prevent that the wan is used by a client (notebook) while configuring the router.

if the notebook wants to get windows updates for example while beeing connected the plan is fastly exceeded?

So, in short form: How can i prevent this?

2 Answers

0 votes
by anonymous
Hi,

you can create two firewall rules that allow your device to reach WAN zone and drop all other clients traffic.
by
Can you provide an example of what is needed to implement this?
by anonymous 



You will have to navigate to Network > Firewall and select Traffic Rules tab.



    


  • Go down by the list and create new Open Ports On Router rule, name it whatever you want, select TCP+UDP and leave external port as blank.
    • 


  • When you in Edit page select source zone as LAN, Destination as WAN and action Reject, Save it. (this will create a rule that forbids LAN clients to access the internet)
    • 


  • Then go and create another rule, name it whatever you like, TCP+UDP, and leave port as blank.
    • 


  • When in edit page check LAN as source zone, fill in your IP address in source IP OR MAC address in "Source MAC address" field, select destination zone as WAN and make sure action is Accept. Save it.
    • 


  • Once you're back in the list make sure the last rule you created (accepting one with MAC or IP) is on top of the forbiding one. You can sort them with arrows next to edit and delete buttons.
    • 


  • Once accepting rule is on top of the forbiding one you can save the whole page and it should work as you wanted it to.



EB.




















 












by 














I have the same issue, the above solution does not work as the 'External Port' field is mandatory. Please help, I need to disable my laptop from accessing the mobile data when connected via USB. Thank you.




















 

 
 

 





 








 
 





0 votes 


























by 
anonymous