Zywall USG 40 - configure only LAN ( NO INTERNET) to access point WIFI

Planetech
Planetech Posts: 3  Freshman Member
First Comment
edited April 2021 in Security
Hi, excuse me for my english...
how can I configure Zywall USG 40 for set WIFI Clients with no INTERNET, but they must print or read share folders in LAN.

All Replies

  • PeterUK
    PeterUK Posts: 3,645  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Do you have the USG40W ? or is wireless done by another device?

    By default their is a rule to allow LAN1 to WAN their are may way you can limit given devices to not have internet. best thing to do is by DHCP to reserve the IP for given devices make a group of the IP's then a rule to block from LAN1 to WAN.   
  • Planetech
    Planetech Posts: 3  Freshman Member
    First Comment
    Wireless is done by a Zyxel NWA1123-AC PRO.
    If I connect access point in LAN 2 port and then I create a Rule to block LAN2 to WAN ....is correct?
    I need configure VLAN or not?
    Thanks
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,409  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @Planetech,

    If the access point is connected in LAN2, add a security policy rule to block LAN2 to WAN.

    From: LAN2

    To: WAN

    Action: deny

    Log: log/log alert


  • Planetech
    Planetech Posts: 3  Freshman Member
    First Comment
    thanks..in this case traffic between LAN1 and LAN2 is allow? I need this..
    Next week I'll try this configuration to my office. thanks.
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,409  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Traffic is allowed between LAN2 and LAN1 because of security policy rule #2 and #3.
    Remember to add the new policy “From LAN2 to WAN, deny” in rule #1.


Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)