Using RUT955 as a Firewall for allowing only specific IP communications in absence of any internet

Hi,

I have a LAN network working at present using an unmanaged switch. This network contains a server (IP: 192.168.10.10) and a client (IP: 192.168.10.34). The client sends data acquisition requests to the server and, in response, the server hosts the data requested by the client. All this communication is working over the OPC protocol. Since I am using an unmanaged network switch in my infrastructure, any device in the 192.168.X.X subnet can act as a client and start fetching data from the server, which is a potential security breach.

As a first step to improve network security, I want to use RUT955 as a firewall so that only above mentioned two IPs can pass through RUT955 and any other unknown IP traffic is dropped.

Since I also want to access the RUT955 WebUI, I want an additional IP (192.168.10.100) to be whitelisted in the firewall so that I can connect my laptop in future for RUT955 maintenance purposes.

Can anyone provide urgent help on how I can accomplish this on the RUT955? I have tried using iptables and firewall zone based traffic rules, but couldn’t achieve my required functionality. Thanks.

Hi Basit,
I doubt that’s going to work, as network packets on the same subnet (192.168.10.x in your case) do not need to (and won’t) pass through a firewall.

You could e.g. connect your server to the WAN side and your client(s) to a different subnet (e.g. 192.168.11.x) on the LAN side. Then set up the respective firewall rules.

Regards,
Timelapse Admin
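
The point made in the reply above, as an added example that is not part of either post: a small Python model of which packets a router-based firewall ever gets to see. The 192.168.11.34 client address, the two unknown-device addresses, the /24 masks and the `ALLOW` set are assumptions made for illustration; the server and original client addresses are the ones from the question.

```python
import ipaddress

SERVER = "192.168.10.10"        # from the question
OLD_CLIENT = "192.168.10.34"    # from the question (same subnet as the server)
NEW_CLIENT = "192.168.11.34"    # assumed address once the client moves to 192.168.11.x
ROGUE_SAME = "192.168.10.77"    # constructed: unknown device on the server's segment
ROGUE_LAN = "192.168.11.99"     # constructed: unknown device on the client segment

# Hypothetical allowlist of new connections the router may forward
# (replies are assumed to be handled by connection tracking).
ALLOW = {(NEW_CLIENT, SERVER)}


def on_link(src, dst, prefix):
    """True if src, with the given mask, treats dst as directly reachable."""
    net = ipaddress.ip_interface(f"{src}/{prefix}").network
    return ipaddress.ip_address(dst) in net


def verdict(src, dst, prefix=24):
    """What happens to a new connection from src to dst.

    BYPASS: the sender delivers straight through the switch, so no
            firewall rule on the router is ever consulted.
    ACCEPT / DROP: the packet is sent to the router, which applies ALLOW.
    """
    if on_link(src, dst, prefix):
        return "BYPASS"
    return "ACCEPT" if (src, dst) in ALLOW else "DROP"


if __name__ == "__main__":
    cases = [
        ("original layout, client", OLD_CLIENT, 24),
        ("unknown device on server segment", ROGUE_SAME, 24),
        ("split layout, client", NEW_CLIENT, 24),
        ("split layout, unknown device", ROGUE_LAN, 24),
        # A /16 mask makes 192.168.11.x on-link again, so the split
        # only works if the hosts really use /24 masks.
        ("split layout, client with /16 mask", NEW_CLIENT, 16),
    ]
    for label, src, prefix in cases:
        print(f"{label:38} {src}/{prefix} -> {SERVER}: {verdict(src, SERVER, prefix)}")
```

Anything left on the server's own segment still reaches it without crossing the router, so only the server and the maintenance laptop belong on that side.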
