This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
advanced-access [2022/01/26 18:44] – rs232 | advanced-access [2023/09/12 17:20] (current) – [LAN Access Notes] hogwild | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== LAN Access ===== | + | ====== LAN Access |
- | This page allows you to define LAN to LAN traffic | + | This page allows you to define LAN-to-LAN traffic where it otherwise |
+ | |||
+ | \\ | ||
+ | |||
+ | For example, let' | ||
+ | |||
+ | If you want devices | ||
+ | |||
+ | \\ | ||
+ | |||
+ | {{: | ||
+ | |||
+ | **On:** Checking this enables the rule defined on this row of the table. | ||
+ | |||
+ | **Src:** This displays/ | ||
+ | |||
+ | **Src Address:** This (optional) field narrows the rule to a specific IP address or set of addresses within the Src interface. | ||
+ | |||
+ | **Dst:** Here, you specify the (logical) Destination LAN for the rule on this row of the table. | ||
+ | |||
+ | **Dst Address: **(optional) narrows the rule to a specific IP address or set of addresses within the Dst interface. | ||
+ | |||
+ | **Description: | ||
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||
+ | |||
+ | |||
+ | ===== LAN Access Notes ===== | ||
+ | |||
+ | Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router' | ||
+ | |||
+ | All entries in LAN Access are one-way only. \\ | ||
+ | For example, if you want hosts on LAN0 to be able to communicate with hosts on LAN1, | ||
+ | and hosts on LAN1 to be able to communicate with hosts on LAN0, you will need to have two entries in the table to achieve that. | ||
+ | |||
+ | LAN Access is an IP-level access control. \\ | ||
+ | This means that **all ports/ | ||
+ | |||
+ | \\ | ||
+ | |||
+ | \\ | ||
- | {{: | ||
- | **On**: Makes the defined rule active.\\ | ||
- | **Src**: Source logical LAN for the rule.\\ | ||
- | **Src Address**: (optional) narrows down the rule to a specific IP or set of within the Src interface.\\ | ||
- | **Dst**: Destination logical LAN for the rule.\\ | ||
- | **Dst Address**: (optional) narrows down the rile to a specific IP or set of within the Dst interface.\\ | ||
- | **Description**: | ||
- | Please note: regardless of the LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router' |