Hi everyone.

I have created VLANS for my household envirenment, given that there are quite a few diferent equipment, like cctv, pc's, and IOT's.

Now, my IoT's, like for example my bedside table lenovo radio/alarm/clock. When I want to youtube music from my phone to this IoT device, I am having to, at the moment, to get out of the current wifi that my phone is connected to, and connect to the same VLAN (wireless) that my IoT device is on. Only then can I connect youtube music to that device.

Now, is there a way that I can creat an access control list to allow my mobile phone (mac binding IP, so always the same IP) and allow it to acess that IoT device (also mac binding)? I could always do inter-vlan routing but i'd rather limit the amount of devices that can communicate with each other.

I could do this about 10 years ago wheh I used to do Cisco, but on the command line, never on a UGI.

I am quite new to Draytek routers but so far I am loving it.

Any help would be much appreciated.

Thanks everyone.
Albert

I don't think your Access Control approach can work because as far as the router is concerned there is no connection between the LANS.

Perhaps you could allow Inter-LAN routing but set a firewall rule to block everything but that one IP? I'm not sure at what "level" the firewall operates so I don't know how feasible this is but maybe worth a try?

Thank you. I will have a try. Thanks for you sugestion.

Hi.
After cross VLAN routing I can now ping the devices but they won't show on the mobile phone VLAN.

More so i can specify a rule on the firewall to allow traffic to passthrough from mobile (VLAN1) 192.168.1.4 to Alarm clock (VLAN3) 192.168.3.1, and the firewall diagnose will pick this up as either an established rule or default. I can even block it and the diagnose feature shows it working to that effect, yet I can't connect to any of them IoT devices as they won't show.

This is cracking me up but I'll keep pushing.

Thanks

Hi all.

I have just found this article. Will give it a go.

https://baihuqian.github.io/2020-12-13-secure-home-network-using-chromecast-across-vlans/

Thanks

Hi all.

I have done inter-lan routing and I can't still send music from my mobile phone (VLAN1) to my IoT (VLAN2).

Now I can ping the IoT device from VLAN1 PC no problem.

It still only works if my mobile phone is on the same VLAN as the IoT.

Any pointers much appreciated.

Thanks
Albert