Hi,

I've got a Vigor 2955 appliance and want two VLANs but restrict what ports are open between the VLANs, they'll be set as

VLAN1 (P0) - Internal PCs and Servers
VLAN2 (P1) - Public facing servers

I can see how you allow the VLANs to talk to one another but its completely open. Looking into the firewall and modifying the call filter doesn't look right as you can only state "WAN -> LAN" or "LAN -> WAN" not "LAN -> LAN"

Any thoughts or suggestions would be great.

Would you not create an explicit rule are the top of the firewall to block all traffic from LAN to LAN then underneath put in the exceptions you want?

sorry Ive not read that right you don't have the LAN to LAN option.

Are you on the latest firmware and most say LAN to LAN or LAN/RT/VPN to LAN/RT/VPN

Hi, the unit is on 3.3.0 firmware, I see that's 0.0.1 behind.

Ill schedule an upgrade and see if that makes a difference

oops - my bad, its not behind on the firmware, just checked it.

I don't have LAN -> LAN in the firewall rules

is the 2955 managing the VLAN to are you doing it from a switch?