This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
advanced-access [2022/02/10 23:18] – [LAN Access] hogwild | advanced-access [2023/09/12 17:16] – [LAN Access Notes] -add note that table entries only permit traffic in one direction hogwild | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== LAN Access ====== | ====== LAN Access ====== | ||
- | This page allows you to define LAN-to-LAN traffic where it otherwise would be blocked. For example, | + | This page allows you to define LAN-to-LAN traffic where it otherwise would be blocked. |
+ | |||
+ | \\ | ||
+ | |||
+ | For example, | ||
+ | |||
+ | If you want devices | ||
\\ | \\ | ||
Line 7: | Line 13: | ||
{{: | {{: | ||
- | **On**: Checking this enables the defined | + | **On:** Checking this enables the rule defined |
- | **Src**: (Logical) Source LAN for the rule on that row of the table. | + | **Src:** This displays/ |
- | **Src Address**: This (optional) field narrows the rule to a specific IP address or set of addresses within the Src interface. | + | **Src Address:** This (optional) field narrows the rule to a specific IP address or set of addresses within the Src interface. |
- | **Dst**: Here, you specifies | + | **Dst:** Here, you specify |
- | **Dst Address**: (optional) narrows the rule to a specific IP address or set of addresses within the Dst interface. | + | **Dst Address: **(optional) narrows the rule to a specific IP address or set of addresses within the Dst interface. |
- | **Description**: This is a free text field in which to enter whatever you wish as a reminder, note etctera.\\ | + | **Description:** This is a free text field in which to enter whatever you wish as a reminder, note etcetera. |
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||
Line 23: | Line 33: | ||
Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router' | Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router' | ||
+ | |||
+ | All entries in the LAN Access table are one-way only. So, if you want hosts on LAN0 to be able to communicate with hosts on LAN1, | ||
+ | you must create have entries in the table to achieve that. One allowing traffic from LAN0 to LAN1 and another allowing traffic from LAN1 to LAN0. | ||
+ | |||
+ | LAN Access is an IP-level access control. This means that **all ports/ | ||
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||