USGflex200 - Block communication between LANs
Options
Hello,
I have configured 4 LAN interfaces (LAN group 1,2,3,4) vlans 10,20,30,40.
On Security Policy: there is Implicit rule "Allow LAN to any" and "Allow LAN to Appliance"
Questions:
1. Is possible disable implicit rule LANs to LANs.
2. How to block NEW communications between Vlan 10<->20 but allow (ESTABLISHED and RELATED) VLAN 10->20?
3. How to define Allow LAN 10 to Internet? Available DST option is only "Any/ Device/Country"
I have configured 4 LAN interfaces (LAN group 1,2,3,4) vlans 10,20,30,40.
On Security Policy: there is Implicit rule "Allow LAN to any" and "Allow LAN to Appliance"
Questions:
1. Is possible disable implicit rule LANs to LANs.
2. How to block NEW communications between Vlan 10<->20 but allow (ESTABLISHED and RELATED) VLAN 10->20?
3. How to define Allow LAN 10 to Internet? Available DST option is only "Any/ Device/Country"
0
All Replies
-
Hi @MilDroAnswers are below:(1) It’s a default security policy so cannot be disabled.(2) Not very clear about your requirement. Do you mean only allowing the traffic from valan10 to vlan20? What application scenario do you want to deploy?Or, you can describe more about your requirement for us?(3) You can choose the Destination to Any to allow valn10 hosts to browse the internet.
Thanks.0 -
Hi, more details bellow:
VLAN-20 is for IP Cameras, VLAN-10 is PrivateNetwork for WiFi/LAN.
I want block communication from VLAN20 to VLAN10, but also allow access to Internet from VLAN20.
Secondly, Allow communication from VLAN10 to VLAN20 for monitoring Camera from PC.
If I add rule "Allow vlan20 to Any", it's also allowed vlan20 to vlan10?0 -
According to your requirement, you can configure those three security policies sequentially, as below:
(1). Allow vlan10 to Any
(2). Deny vlan20 to vlan10
(3). Allow vlan20 to Any
Thanks.
0
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 91 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 918 WirelessLAN
- 35 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 920 Nebula FAQ
- 422 Security FAQ
- 238 Switch FAQ
- 208 WirelessLAN FAQ
- 47 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight