Hi everyone,
I am trying to setup an RUT956, but it seems to behave different than expected.
I’ve updated the device to the latest firmware variant (07.05) but that didn’t work.
My goal:
Get 2 internal networks,
VLAN1, connected to Lan port 1 and 2, with dhcp server on 192.168.1.x
This network will get internet access to WAN, 4G and (temporarily) a wifi client link.
VLAN2, is only connected to LAN port 3, with its own dhcp server on 192.168.2.x.
No Wan access, only internal routing.
Both VLAN’s are to be completely separate from eachother.
What i have done:
Create 2 port based vlans:
Vlan 1 has LAN1 and LAN2 untagged, LAN3 and WAN off.
VLAN 2 has LAN3 untagged, LAN1, LAN2 and WAN off
Create 2 LAN interfacs:
“LAN”,
- General settings: static, ip address 192.168.1.1
- physical settings: bridge intefaces: OFF, interface: eth0.1.
- firewall settings: create/assign firewall zone: LAN (pre-exisiting)
- DHCP settings: DHCP enable, IP range 100-254, lease 12h
- Other tabs unchanged
“internal_only”
- General settings: static, ip address 192.168.2.1
- physical settings: bridge intefaces: OFF, interface: eth0.2.
- firewall settings: create/assign firewall zone: internal_lan (created)
- DHCP settings: DHCP enable, IP range 100-254, lease 12h
- Other tabs unchanged
Firewall settings:
LAN-> WAN: In & output: accept, forward: reject
WAN → LAN: Input & forward: reject, output: accept
internal → WAN+LAN: all reject
WAN → internal: all reject
LAN–> internal: all reject
Now, if i connect my laptop to LAN2. I get an 192.168.1.x IP address as expected.
However, i’m still able to ping both 192.168.1.1 and 192.168.2.1, while the last should not be possible.
If i connect my laptop to LAN3, i’d expect a 192.168.2.x address, but i get no lease at all. the DHCP request times out.
As far as i’m aware, i’m doing all steps from these guides:
https://wiki.teltonika-networks.com/view/VLAN_Set_Up
https://wiki.teltonika-networks.com/index.php?title=VLAN_Inter-Zone_accessibility_control_configuration_example
But apparently i’m missing something.