www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Separate 2 LANs from each other

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
mcTheo



Joined: 23 Oct 2015
Posts: 1

PostPosted: Fri Oct 23, 2015 11:15 am    Post subject: Separate 2 LANs from each other Reply with quote

Hello,

I'm new to Zeroshell and I want to configure the following:

WAN1 (DSL-Router): 192.168.0.1
WAN2 (DSL-Router): 192.168.1.1

LAN1 and LAN2 should be separated from each other. Both networks should connect to the internet over WAN1 and WAN2.


My current configuration is this:

ETH00: 192.168.0.250
ETH01: 192.168.1.250
ETH02: 192.168.2.250 (guest network)

Net Balancer:
DEFAULT GATEWAY 192.168.0.1 1 Disabled 0
WAN1 192.168.0.1 1 Active 0
WAN2 192.168.1.1 1 Active 0

NAT Enabled:
ETH00
ETH01
EHT02

Both LAN have working internet access. Now I want to separate the networks from each other. At the moment I can ping hosts from one network to the other and the same from the other direction.

I think I need some firewall rules. I tried to drop packets from "Source IP" or with Input ETH02, but I couldn't connect to the internet from this network anymore.

Can someone give me some suggestions or help how I must activate the firewall rules to build some kind of "guest network" for ETH02?

Thank you.
Back to top
View user's profile Send private message
igork



Joined: 16 Oct 2015
Posts: 29

PostPosted: Sun Oct 25, 2015 3:15 pm    Post subject: Reply with quote

Try create Firewall rule where you specify Input as ETH00 and output as ETH01 at the same time. Also, create rule and specify Input as ETH01 and output as ETH00 at the same time.

I did not try it, but I think it should work.
Back to top
View user's profile Send private message
reaperz



Joined: 13 Apr 2012
Posts: 84

PostPosted: Tue Nov 10, 2015 12:12 pm    Post subject: Reply with quote

Yes, just add firewall rules. I confirm, I have it working that way. I got 2 internal networks: corporate LAN and public WIFI. isolated from each other.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group