Hello.
I have 4 different LAN configured in my RUTX50 router. One in each LAN interface. My WAN interface is mob1s1a1.
I want 192.168.1.0/24 to have access to the internet and to the router administration and the other three LAN (192.168.2.0/24, 10.10.2.0/24 and 10.100.2.0/24) to access internet and not access router administration(web, telnet, CLI).
what is the best way to configure this?
Thank You
Rui Gonçalves
Hi,
The simplest solution would likely be to set up a firewall rule to block/reject traffic from these LAN networks (192.168.2.0/24, 10.10.2.0/24, and 10.100.2.0/24) coming to your router. If you encounter any issues configuring this, don’t hesitate to contact us. However, this process should be fairly straightforward in general.
Best regards,
Thank you for your quick response.
When I create the FW rule it seems DNS requests are blocked.
Cant reach internet using a web browser.
Here is my rule:
Set Protocol to TCP.
DNS is UDP and should work then.
ok, seems to work blocking TCP.
Thank you
Yes, access to your router’s web interface is a TCP connection.
DNS requests are usually UDP traffic.
This is why it works now.
Happy weekend 
Hi,
When selecting zones keep in mind that you want to prohibit traffic from LAN to LAN in this case both zones (marked in the image below) should be set to LAN. Don’t forget to assign prohibited ports too
Best regards,
This topic was automatically closed 40 hours after the last reply. New replies are no longer allowed.