Block access to LAN side of WAN port IP range

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Block access to LAN side of WAN port IP range

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Block access to LAN side of WAN port IP range
Block access to LAN side of WAN port IP range
2022-12-11 11:47:07
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.0.1 Build 20220223 Rel.68551

Hello,

 

One of my clients is providing internet access from their router to a nearby business.

 

I am using a Er605 router. Network cable coming from switch of company suppling internet access is plugged into Er605 giving it internet access and a new IP subnet for business 2.

 

Problem is business 2 should only be receiving internet access from business 1 and the LAN sides should have no access to each other.

 

I am trying to block LAN access from the incoming WAN port IP range.

 

Incoming WAN range - 192.168.178.1

New LAN range on er605 is 192.168.0.1

 

Problem is 192.168.0.1 has LAN access to 192.168.178.1

 

I need it to get internet on WAN port but not to have LAN access to WAN port ip range.

 

I have tried creating ACL's and everything but cannot get it to work.

 

Regards

  0      
  0      
#1
Options
1 Reply
Re:Block access to LAN side of WAN port IP range
2022-12-12 07:04:49

  @PCHIT 

Check you ACL settings, make sure you have IP Group LAN deny to 192.168.178.0/24, and direction is LAN-WAN.

  0  
  0  
#2
Options