This shows you the differences between two versions of the page.
Next revision | Previous revisionLast revisionBoth sides next revision | ||
advanced-access [2022/01/05 12:46] – created rs232 | advanced-access [2023/09/12 17:20] – [LAN Access Notes] -clarity on unidirectional nature of rule, formatting hogwild | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== LAN Access ====== | ||
+ | This page allows you to define LAN-to-LAN traffic where it otherwise would be blocked. | ||
- | Src - Source LAN bridge. | + | \\ |
- | Src Address (optional) | + | |
- | | + | For example, let's say we have two LANs, one primary (LAN0/br0) and one secondary (LAN1/ |
- | Dst Address | + | |
+ | If you want devices on LAN0 to be able to communicate with devices on LAN1 (and vice versa), you might use these settings: | ||
+ | |||
+ | \\ | ||
+ | |||
+ | {{: | ||
+ | |||
+ | **On:** Checking this enables the rule defined on this row of the table. | ||
+ | |||
+ | **Src:** This displays/ | ||
+ | |||
+ | **Src Address:** This (optional) | ||
+ | |||
+ | **Dst:** Here, you specify the (logical) Destination LAN for the rule on this row of the table. | ||
+ | |||
+ | **Dst Address: **(optional) narrows the rule to a specific IP address or set of addresses within the Dst interface. | ||
+ | |||
+ | **Description: | ||
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||
+ | |||
+ | |||
+ | ===== LAN Access Notes ===== | ||
+ | |||
+ | Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router' | ||
+ | |||
+ | All entries in LAN Access are one-way only. | ||
+ | For example, if you want hosts on LAN0 to be able to communicate with hosts on LAN1, | ||
+ | and hosts on LAN1 to be able to communicate with hosts on LAN0, you will need to have two entries in the table to achieve that. | ||
+ | |||
+ | LAN Access is an IP-level access control. | ||
+ | This means that **all ports/ | ||
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||