DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
v2820Vn - block router access for specific vlan
- mehuge
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 18
- Thank you received: 0
16 Oct 2010 13:43 #64268
by mehuge
v2820Vn - block router access for specific vlan was created by mehuge
Setting up an INTERNET only wireless connection, have SSID2 on VLAN1 with no other ports, so isolated from the rest of the network. However anyone connected to SSID2 can still http/telnet to the router.
Is there a way to prevent this?
Is there a way to prevent this?
Please Log in or Create an account to join the conversation.
- bradley porter
- Offline
- Junior Member
Less
More
- Posts: 75
- Thank you received: 0
23 Oct 2010 22:00 #64387
by bradley porter
Kind regards,
Bradley Porter
Replied by bradley porter on topic v2820Vn - block router access for specific vlan
Hmmm - good question!
In System Maintenance >> Management is there not an Access list which means you only grant access to certain IP's. Would that not resolve the issue?
In System Maintenance >> Management is there not an Access list which means you only grant access to certain IP's. Would that not resolve the issue?
Kind regards,
Bradley Porter
Please Log in or Create an account to join the conversation.
- mehuge
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 18
- Thank you received: 0
23 Oct 2010 23:22 #64397
by mehuge
Yes it would, though it would require assigning a fixed IP to the administering host, and limiting administration to one of up to 4 hosts.
As most of my hosts that I tend to access the routers admin through are dhcp I was hoping for a better option. I suppose I could reserve IPs for those DHCP clients.
Also, the SSID2 clients can still attempt to access the router via telnet (does the IP restrictions apply to telnet connections also?) what about other stuff such as UPnP.
Its a pity SSID2 can't have its own DHCP range, could probably block that range using the firewall in that case.
Perhaps I could reserve IPs for all known devices in a known IP range and block any outside that range or in the rest of the DHCP range using the firewall.
If the firewall could have rules selected by VLAN perhaps the config could perhaps have been simpler.
Replied by mehuge on topic v2820Vn - block router access for specific vlan
Hmmm - good question!Bradley Porter wrote:
In System Maintenance >> Management is there not an Access list which means you only grant access to certain IP's. Would that not resolve the issue?
Yes it would, though it would require assigning a fixed IP to the administering host, and limiting administration to one of up to 4 hosts.
As most of my hosts that I tend to access the routers admin through are dhcp I was hoping for a better option. I suppose I could reserve IPs for those DHCP clients.
Also, the SSID2 clients can still attempt to access the router via telnet (does the IP restrictions apply to telnet connections also?) what about other stuff such as UPnP.
Its a pity SSID2 can't have its own DHCP range, could probably block that range using the firewall in that case.
Perhaps I could reserve IPs for all known devices in a known IP range and block any outside that range or in the rest of the DHCP range using the firewall.
If the firewall could have rules selected by VLAN perhaps the config could perhaps have been simpler.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek