Restrict access to a specific IP
Freshman Member
Hi,
I addmit that I didn't digg too much…it is easier to ask here questions :)
What I would like to do: I want to restric internal trafic to a server for only a specific MAC address(Ip address) and any other MAC(IP address) that tries to comunicate with the server to be rejected, therefore if I have 192.168.1.2, 3,4,5 as IP clients and 192.168.1.10 server IP, I want only the 192.168.1.2 to have access to the server IP.
Is there any possibility to do it in the router? I use Zyxel ATP200 firewall.
Many thanks!
All Replies
-
Not really in the same subnet because a switch and devices ARP to the given device in the same subnet so Zyxel never sees the traffic even if you port role.
A way I have done is to use proxy arp but on the ATP you need to setup a VLAN with general and a VLAN switch messing with ARP to route traffic through ATP from LAN to LAN rule. Shown here.
Or you can put server on its own subnet LAN which the ATP can firewall but not by MAC so if you want 192.168.1.2 to only have access you can do IP/MAC binding
0
Guru Member
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
