How to block all clients exept one when backup-internet is active?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

How to block all clients exept one when backup-internet is active?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
How to block all clients exept one when backup-internet is active?
How to block all clients exept one when backup-internet is active?
2022-12-06 12:40:22 - last edited 2022-12-10 13:00:18
Tags: #configure acl
Model: OC200   TL-MR6400   ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 1.9.3

Hi,

 

im using a TL-MR6400 in a separate network with the ip 192.168.2.1/32 one wan port of the ER605 is also in that network and configured as link back-up.

the primary internet is on network 192.168.0.1/32. All the clients are on 192.168.1.0/32

it uses a sim-card with a couple of gb each month. Whe have one mission-critical device with a fixed-ip in the 192.168.1.0/32 range. i want to create a ACL so only that device can use the ER605 and only when the primary internet is down.

 

Can somebody help me how to configure this please.

 

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:How to block all clients exept one when backup-internet is active?-Solution
2022-12-06 16:59:50 - last edited 2022-12-10 13:00:18

  @HarmMuldersICT 

 

You should be able to do this via Policy Routing.  I would disable Failover/Loadbalance and just use a policy route for your 'special' device that allows it to use the other WAN if the primary goes down.  Worst case, you create a PR for every other device that prevents using the other WAN as well.  You just need to create IP groups and apply the rule(s).

 

<< Paying it forward, one juicy problem at a time... >>
Recommended Solution
  0  
  0  
#2
Options
1 Reply
Re:How to block all clients exept one when backup-internet is active?-Solution
2022-12-06 16:59:50 - last edited 2022-12-10 13:00:18

  @HarmMuldersICT 

 

You should be able to do this via Policy Routing.  I would disable Failover/Loadbalance and just use a policy route for your 'special' device that allows it to use the other WAN if the primary goes down.  Worst case, you create a PR for every other device that prevents using the other WAN as well.  You just need to create IP groups and apply the rule(s).

 

<< Paying it forward, one juicy problem at a time... >>
Recommended Solution
  0  
  0  
#2
Options