Hi,
Long post, much text, sorry for that.
I'm scratching my head over how to configure my RT-AC68U regarding network isolation. I've been reading up on the forum about ebtables but can't get it to work, hence this thread.
So, what do I want to do then? Well, here's the wish-list:
- Separate my network traffic into 3 parts (all with internet access): Private, IoT and Guest
- The networks shall support both wireless and wired access (Guest WiFi already working through built-in feature in the router FW)
- Each of these networks shall be isolated from each other apart from some IoT-devices that need connections to some of the devices on the Private net (i.e. the smart-TV shall be able to access the media-server)
- IoT- and Guest-devices shall NOT be able to log in to the router
- I also have a network-printer which Private and Guest devices shall be able to use
As I said, I've tried to read up about how to do this but to no avail. I can't get it to work. I can create two VLANs and assign them to a chosen LAN port on the router. I can also use ebtables to block network traffic from these VLANs to the private network (which is good!), but I can't open up a connection between a specific device on an above-mentioned VLAN to my private network. The "ebtables -t broute -I BROUTING" command blocks traffic between the networks, but no matter how hard I try I can't find any "ebtables - filter -I FORWARD" command that lets traffic pass through. But I might have misunderstood how it all works.
Does anyone have any advice? It would be much appreciated!