FreshTomato Wiki

User Tools

Site Tools

Trace:
advanced-access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
advanced-access [2023/09/12 17:20] – [LAN Access Notes] -clarity on unidirectional nature of rule, formatting hogwildadvanced-access [2023/09/12 17:20] (current) – [LAN Access Notes] hogwild
Line 34: Line 34:
 Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router's LAN interfaces (only). This is by design. Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router's LAN interfaces (only). This is by design.
  
-All entries in LAN Access are one-way only. +All entries in LAN Access are one-way only. \\ 
 For example, if you want hosts on LAN0 to be able to communicate with hosts on LAN1, For example, if you want hosts on LAN0 to be able to communicate with hosts on LAN1,
 and hosts on LAN1 to be able to communicate with hosts on LAN0, you will need to have two entries in the table to achieve that.  and hosts on LAN1 to be able to communicate with hosts on LAN0, you will need to have two entries in the table to achieve that. 
  
-LAN Access is an IP-level access control. +LAN Access is an IP-level access control. \\ 
 This means that **all ports/protocols are automatically enabled**. If additional fine tuning is required (for example, you wanted to allow only allow port 80/TCP) you will need to manually configure settings instead. This means that **all ports/protocols are automatically enabled**. If additional fine tuning is required (for example, you wanted to allow only allow port 80/TCP) you will need to manually configure settings instead.
  
advanced-access.txt · Last modified: 2023/09/12 17:20 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki