Restrict access to a specific IP

Options
MariusVoicu79
MariusVoicu79 Posts: 16  Freshman Member
10 Comments

Hi,

I addmit that I didn't digg too much…it is easier to ask here questions :)

What I would like to do: I want to restric internal trafic to a server for only a specific MAC address(Ip address) and any other MAC(IP address) that tries to comunicate with the server to be rejected, therefore if I have 192.168.1.2, 3,4,5 as IP clients and 192.168.1.10 server IP, I want only the 192.168.1.2 to have access to the server IP.

Is there any possibility to do it in the router? I use Zyxel ATP200 firewall.

Many thanks!

All Replies

  • PeterUK
    PeterUK Posts: 2,749  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited March 2023
    Options

    Not really in the same subnet because a switch and devices ARP to the given device in the same subnet so Zyxel never sees the traffic even if you port role.

    A way I have done is to use proxy arp but on the ATP you need to setup a VLAN with general and a VLAN switch messing with ARP to route traffic through ATP from LAN to LAN rule. Shown here.

    Or you can put server on its own subnet LAN which the ATP can firewall but not by MAC so if you want 192.168.1.2 to only have access you can do IP/MAC binding

Security Highlight