This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
advanced-access [2022/01/05 12:46] – created rs232 | advanced-access [2023/09/12 17:16] – [LAN Access Notes] -add note that table entries only permit traffic in one direction hogwild | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== LAN Access ====== | ||
+ | This page allows you to define LAN-to-LAN traffic where it otherwise would be blocked. | ||
- | Src - Source LAN bridge. | + | \\ |
- | Src Address (optional) | + | |
- | | + | For example, let's say we have two LANs, one primary (LAN0/br0) and one secondary (LAN1/ |
- | Dst Address | + | |
+ | If you want devices on LAN0 to be able to communicate with devices on LAN1 (and vice versa), you might use these settings: | ||
+ | |||
+ | \\ | ||
+ | |||
+ | {{: | ||
+ | |||
+ | **On:** Checking this enables the rule defined on this row of the table. | ||
+ | |||
+ | **Src:** This displays/ | ||
+ | |||
+ | **Src Address:** This (optional) | ||
+ | |||
+ | **Dst:** Here, you specify the (logical) Destination LAN for the rule on this row of the table. | ||
+ | |||
+ | **Dst Address: **(optional) narrows the rule to a specific IP address or set of addresses within the Dst interface. | ||
+ | |||
+ | **Description: | ||
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||
+ | |||
+ | |||
+ | ===== LAN Access Notes ===== | ||
+ | |||
+ | Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router' | ||
+ | |||
+ | All entries in the LAN Access table are one-way only. So, if you want hosts on LAN0 to be able to communicate with hosts on LAN1, | ||
+ | you must create have entries in the table to achieve that. One allowing traffic from LAN0 to LAN1 and another allowing traffic from LAN1 to LAN0. | ||
+ | |||
+ | LAN Access is an IP-level access control. This means that **all ports/ | ||
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||