FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
345 views 2 comments
by anonymous
Hi

I have a RUTX08 where I want to have to separated networks on two ports going to the same WAN port.
LAN 1 dont see LAN2 and visa versa. But both have internett from the same WAN port.
LAN 1 have 192.168.1.x IP range and LAN 2 have 192.168.2.x IP range
 

LAN1 (Interface port 1) - WAN - Internett

LAN2 (Interface port 2) - WAN - Internett

How do I make this configuration correct?

1 Answer

0 votes
by anonymous

Hello,

  

To achieve this, a new VLAN will need to be configured and it will need to be assigned to a separate firewall zone.

Let's say you want LAN1 and LAN3 ports to be in the 192.168.1.0/24 subnet, while the LAN2 port will be in the 192.168.2.0/24.

Let's start by creating a new VLAN. This can be done by navigating to Network → VLAN → Port Based. Press Add button and a new VLAN will get created. On VLAN1 (first row), change the LAN2 port from Untagged to Off. Then for freshly created VLAN(third row), change the LAN2 port to Untagged. Press Save & Apply.

Now, navigate to Network → Interfaces → General, and create a new interface with the name lan2 (can be set to something different). Select the Protocol as Static with the IP address of 192.168.2.1. Set up the DHCP server. In the Physical Settings, select the eth0.3 as the interface and check the Bridge interfaces checkbox. Press Save & Apply.

Finally, the Firewall can be configured. Navigate to Network → Firewall → General Settings. On the lan zone, set the Forward rule to Reject and press Save & Apply.

And this should be it, if connected to the LAN1 or LAN3 ports, you will receive the address from the 192.168.1.0/24 network, and if you connect to LAN2, you'll receive the address from 192.168.2.0/24 address space.

  

Let me know if there are some further questions!

Best regards,
DaumantasG

by anonymous
Hi
I have now tried your settings and I it didnt work.

Lan1 and Lan2 can still reach each other. Tested with ping both gateways. What can make both interfaces connected?
by anonymous
Hello,

  

Only the gateways of these LANs should be reachable to one another, the clients should not be able to reach one another, can you verify that?

  

Best regards,
DaumantasG