ATP100: Keeping Lan1 and Lan2 completely separated

ChipConnJohn
ChipConnJohn Posts: 44  Freshman Member
Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula First Comment Fourth Anniversary
Hello all,

I have an ATP100.  I have Lan1 set up as my primary network.  I want to set up Lan2 for IoT and have it completely isolated from Lan1.  
What settings do I need to configure other than just setting up a different IP range?
I definitely don't want Lan2 to be able to access the Zyxel in any way.

Thanks,
-John

All Replies

  • mMontana
    mMontana Posts: 1,380  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    What settings do I need to configure other than just setting up a different IP range?

    Appropriate firewall/Security policy rules.
    These rules will let you specify to your ATP100 what should do about traffic between:

    • LAN2 and LAN1
    • LAN2 and Zywall/ATP100
    • LAN2 and internet
    Also don't forget than if you don't put a DHCP Server on your LAN2 segment, some degree of access/communication with ATP100 should be allowed, or every your IoT device should be manually configured for IPv4 stack.
    I'd use my firewall as DHCP, mostly for allowing reservations and... denial of access. You can still configure a... wrong address for the wrong (unwanted) macaddress for not allowing TCP/IP communication.

Security Highlight