Hello.

I have a new device (Smart TV) that I do not trust with internet access.

But I need to keep it available on the LAN for the AirPlay feature to work.

I have tried setting up Access Control rules, unsuccessfully.

Setting a rule to deny out traffic from the device to any host will also prevent communication with the LAN.

I tried to add a second *whitelist* rule with a MAC target matching a LAN Apple device.

The AirPlay feature remains blocked.

So, is it possible to block WAN for specific devices?

Ideally, I would have liked to specify physical ports for this restriction, as I have seen the device advertise multiple MACs at some point (evasion tentative?).

Regards.