Restrict access to a specific IP
Freshman Member
Hi,
I addmit that I didn't digg too much…it is easier to ask here questions :)
What I would like to do: I want to restric internal trafic to a server for only a specific MAC address(Ip address) and any other MAC(IP address) that tries to comunicate with the server to be rejected, therefore if I have 192.168.1.2, 3,4,5 as IP clients and 192.168.1.10 server IP, I want only the 192.168.1.2 to have access to the server IP.
Is there any possibility to do it in the router? I use Zyxel ATP200 firewall.
Many thanks!
All Replies
-
Not really in the same subnet because a switch and devices ARP to the given device in the same subnet so Zyxel never sees the traffic even if you port role.
A way I have done is to use proxy arp but on the ATP you need to setup a VLAN with general and a VLAN switch messing with ARP to route traffic through ATP from LAN to LAN rule. Shown here.
Or you can put server on its own subnet LAN which the ATP can firewall but not by MAC so if you want 192.168.1.2 to only have access you can do IP/MAC binding
0
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 150 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 269 USG FLEX H Series
- 273 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 389 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 74 Security Highlight
