USGflex200 - Block communication between LANs
Options
Hello,
I have configured 4 LAN interfaces (LAN group 1,2,3,4) vlans 10,20,30,40.
On Security Policy: there is Implicit rule "Allow LAN to any" and "Allow LAN to Appliance"
Questions:
1. Is possible disable implicit rule LANs to LANs.
2. How to block NEW communications between Vlan 10<->20 but allow (ESTABLISHED and RELATED) VLAN 10->20?
3. How to define Allow LAN 10 to Internet? Available DST option is only "Any/ Device/Country"
I have configured 4 LAN interfaces (LAN group 1,2,3,4) vlans 10,20,30,40.
On Security Policy: there is Implicit rule "Allow LAN to any" and "Allow LAN to Appliance"
Questions:
1. Is possible disable implicit rule LANs to LANs.
2. How to block NEW communications between Vlan 10<->20 but allow (ESTABLISHED and RELATED) VLAN 10->20?
3. How to define Allow LAN 10 to Internet? Available DST option is only "Any/ Device/Country"
0
All Replies
-
Hi @MilDroAnswers are below:(1) It’s a default security policy so cannot be disabled.(2) Not very clear about your requirement. Do you mean only allowing the traffic from valan10 to vlan20? What application scenario do you want to deploy?Or, you can describe more about your requirement for us?(3) You can choose the Destination to Any to allow valn10 hosts to browse the internet.
Thanks.0 -
Hi, more details bellow:
VLAN-20 is for IP Cameras, VLAN-10 is PrivateNetwork for WiFi/LAN.
I want block communication from VLAN20 to VLAN10, but also allow access to Internet from VLAN20.
Secondly, Allow communication from VLAN10 to VLAN20 for monitoring Camera from PC.
If I add rule "Allow vlan20 to Any", it's also allowed vlan20 to vlan10?0 -
According to your requirement, you can configure those three security policies sequentially, as below:
(1). Allow vlan10 to Any
(2). Deny vlan20 to vlan10
(3). Allow vlan20 to Any
Thanks.
0
Categories
- All Categories
- 392 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 220 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight