Firewall configuration to restrict traffic between two different IP networks in LAN

Hello,

we want to connect two different IP networks with a Teltonika 950 Router.
Network 1 has the IP 192.168.1.0/24 and
Network 2 has the IP 192.168.23.0/24.

Therefore we created a second LAN interface and assigned the IP 192.168.23.1 to the second LAN interface. So far everything works and devices from both IP ranges could talk to each other.
Further we want to restrict the data traffic in a way that only one specific device from network 1 could talk with one specific device in network 2. Both devices have static IPs.
We could not manage to get this working so far. The data from other devices is still forwarded, no matter what we tried to configure in the firewall.

Do you have any suggestions on how we could achieve a setup in which only these two specific devices from the two networks could talk to each other and all other traffic is blocked between the two networks?

In the attachment there are some pictures of our configuration. The firewall rule should block the traffic between the two IPs for testing purposes; this doesn't work either.




Greetings,

Could you confirm whether you still face any difficulties configuring the described setup?

This setup, where end devices from different networks are not allowed to communicate, should generally be achievable by default when Network 2 (192.168.23.0/24) is created as a separate VLAN (assuming it’s been properly configured).

Could you please confirm:

  • That you’ve created a VLAN (port or tag-based) interface, not just two static LAN interfaces under the same zone?

  • That the physical interface for lan2 is assigned to the newly created VLAN?

For proper VLAN-based network setup, check the wiki configuration guide: VLAN Set Up guide

Let me know if this helps or if additional assistance is required.

Best regards,
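
The zone separation discussed in this thread, as an added example that is not part of the original posts or of the vendor's documentation: a firewall fragment in OpenWrt-style UCI syntax, assuming the router's `/etc/config/firewall` follows that format. The network names `lan` and `lan2` follow the thread; the two host addresses are constructed placeholders, since the thread does not give the devices' IPs.

```uci
# Fragment only: WAN zone, NAT and other existing sections are left out.

# --- Permissive layout: both networks share one zone ------------------
# With forward 'ACCEPT', any host in 192.168.1.0/24 can reach any host
# in 192.168.23.0/24 through the router. Shown commented out.
#
# config zone
#     option name 'lan'
#     list network 'lan'
#     list network 'lan2'
#     option input 'ACCEPT'
#     option output 'ACCEPT'
#     option forward 'ACCEPT'

# --- Restrictive layout: one zone per network -------------------------
# Default policy for forwarded traffic that no zone or rule accepts.
config defaults
    option forward 'REJECT'

config zone
    option name 'lan'
    list network 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

config zone
    option name 'lan2'
    list network 'lan2'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

# No 'config forwarding' section links lan and lan2, so traffic between
# the two zones falls through to the default forward policy above.

# Single exception: the one permitted host pair (placeholder addresses).
# Replies are admitted by connection tracking; add a mirrored rule with
# src/dest swapped if the device in lan2 must also initiate connections.
config rule
    option name 'Allow-hostA-to-hostB'
    option src 'lan'
    option src_ip '192.168.1.10'
    option dest 'lan2'
    option dest_ip '192.168.23.10'
    option proto 'all'
    option target 'ACCEPT'
```

To check the result, test from a third host in each network as well as from the permitted pair: only the permitted pair should get through. These rules only affect traffic that is actually routed by the router.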
