UAG 5100 seperating the lan
Hello Support team,
I am going to use the UAG5100 for my hotel. I have an extra gatway for my UAG. So I set the WAN Port as an ethernal (that works well), the Lan1 for my manage Lan, and Lan2 for the guests. I hope this is the correct way to do so.
lan1 has the privat IP adress (192.168.0.10) without dhcp. It is only to manage the UAG.
lan2 has the privat IP 10.60.1.1/22 for guests.
dmz at the moment isn´t in use.
It works well, the guest PC (test in my office) gets the right IP (10.60.1.5) and force me to enter the code. Well done. But I can still connect to my mgmt lan1 and to all my devices (switches, APs and Router). I do have to set same rouls to prohibit this, but I don´t know how.
I am going to use the UAG5100 for my hotel. I have an extra gatway for my UAG. So I set the WAN Port as an ethernal (that works well), the Lan1 for my manage Lan, and Lan2 for the guests. I hope this is the correct way to do so.
lan1 has the privat IP adress (192.168.0.10) without dhcp. It is only to manage the UAG.
lan2 has the privat IP 10.60.1.1/22 for guests.
dmz at the moment isn´t in use.
It works well, the guest PC (test in my office) gets the right IP (10.60.1.5) and force me to enter the code. Well done. But I can still connect to my mgmt lan1 and to all my devices (switches, APs and Router). I do have to set same rouls to prohibit this, but I don´t know how.
0
Best Answers
-
@Eddwood
You can create the profile as below on security policy to fulfill your scenario.
The rule should be configured: From:Lan1 to Lan2, Action: deny. and From:Lan2 to Lan1, Action: deny.0 -
Thanks Charlie for answer. I will try that.0
All Replies
-
Any ideas? I still can´t use it.
I figuered out, that the internet connection is not on WAN, but it use the Lan1 port. So I have more problems. Any admins here to help me out to fix my problems?0 -
@Eddwood
You can create the profile as below on security policy to fulfill your scenario.
The rule should be configured: From:Lan1 to Lan2, Action: deny. and From:Lan2 to Lan1, Action: deny.0 -
Thanks Charlie for answer. I will try that.0
-
OK, it works.Thanks Charlie.
Next question.I would like to use a gateway for wan1. Not for lan1. Lan1 is only for managing the USG. In lan1, however, there is also a router that is on the Internet. My UAG is currently not getting the gateway from wan1 but from lan1. Can i change that?0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight