Restricting guest network from accessing WebUI on RUTX

Problem: The Wiki instructions here show how to restrict guest network access to the RUTX WebUI using a firewall traffic rule. After following the wiki instructions guests can still access the WebUI at 192.168.1.1.

Method used: Restore RUTX50 to factory settings (RUTX_R_00.07.04.5). Follow instructions exactly as shown on Teltonika wiki page.

Reproducible: Yes

Comment: The wiki page screenshots show version RUTX_R_00.07.00. Does the wiki page need updating?

Hello,

Thank you for reaching out!
One thing I would suggest doing is restarting the router, as that will flush any existing connections and might change the behavior of the guest network clients.
If that does not help, could you post a screenshot of your created firewall zone configuration? Additional screenshot of the Network → Firewall → General Settings would also be helpful.
Finally, I’d like you to attach a screenshot of the firewall rule configuration, that blocks the access to ports 22, 80, and 443.
As per the Wiki page firmware, the configuration is still the same (except for the few icons), and the GIF is only for reference-purposes to show where the Advanced mode can be enabled.

Best regards,

Hello,
Here are the 3 requested screenshots. (As I am a new forum user I have to post the screenshots in separate posts.) A restart did not change the behavior.
Thanks for your support.

Thank you!
Could you also upload screenshots of the Wireless Guest interface (Network → Wireless → Guest), as well as the the network interface (Network → Interfaces → General) configuration?
Additionally, could you check if the clients that are connecting to the guest network are getting an IP address from the Guest network?

Best regards,

Here are screenshots of Network-Wireless-Guest and Network-Interfaces-General. Also screenshot of client IP operating on guest network.

Hello,

Could you make sure that:

  • Guest network is removed from the LAN zone networks:

  • WAN zone cannot forward to any destination zones (unless you know you need this):

  • FORWARD flag can be left to Accept in the general firewall settings;

Other than that, I’ve checked your configuration and it seems to be working fine:

As mentioned, try restarting the firewall or the entire device once the configuration is finished.

Best regards,

Thank you Daumantas, your advice has fixed this issue. Very much appreciated!

1 Like

This topic was automatically closed after 15 days. New replies are no longer allowed.