This page allows you to define LAN-to-LAN traffic where it otherwise would be blocked.

For example, let's say we have two LANs, one primary (LAN0/br0) and one secondary (LAN1/br1).

If you want devices on LAN0 to be able to communicate with devices on LAN1 (and vice versa), you might use these settings:

On: Checking this enables the rule defined on this row of the table.

Src: This displays/allows you to configure the (Logical) Source LAN for the rule on that row of the table.

Src Address: This (optional) field narrows the rule to a specific IP address or set of addresses within the Src interface.

Dst: Here, you specify the (logical) Destination LAN for the rule on this row of the table.

Dst Address: (optional) narrows the rule to a specific IP address or set of addresses within the Dst interface.

Description: This is a free text field in which to enter whatever you wish as a reminder, note etcetera.

Regardless of LAN Access rules, by default a LANx device is able to reach (e.g. ping) all the router's LAN interfaces (only). This is by design.

LAN Access is an IP-level access control. This means that all ports/protocols are automatically enabled. If additional fine tuning is required (for example, you wanted to allow only allow port 80/TCP) you will need to manually configure settings instead.