Set up firewall |
The following firewall configuration is a simple example, to guarantee the basic function of the firewall. If you require further safety adjustments, then adapt this example to your requirements.
Define the interface br0 (the interface for your local network) as a trustworthy interface.
Go to
Firewall->Policies->IPv4
Filter Rules. In the
Default Filter Rules in the Trusted Interfaces area, click the
icon.
Firewall->Policies->IPv4
Filter Rules->Default Filter Rules
Proceed as follows:
Highlight the interface BRIDGE_BR0 as a trustworthy interface.
Make sure that no further interface is highlighted.
Press OK to confirm your entries.
Create a service group with the services which the clients in the guest WLAN wish to use.
Go to Firewall->Services->Groups->New.
Firewall->Services->Groups->New
Proceed as follows:
Enter a Description, e.g. Guest-Local-Access .
Choose the desired Members, e.g. dhcp , dns and echo .
Press OK to confirm your entries.
The configured service group is displayed.
Firewall->Services->Groups
Create a rule, so that your guests can use the services of the DHCP, DNS and Echo, that you have combined in a Service Group.
Go to Firewall->Policies->IPv4 Filter Rules->New.
Firewall->Policies->IPv4 Filter Rules->New
Proceed as follows:
Set Source BRIDGE_BR0-1 .
Set Destination LOCAL .
Set Guest-Local-Access as a Service or service group.
Set Action Access .
Press OK to confirm your entries.
Create a filter rule for the access of your guests to the internet.
Go to Firewall->Policies->IPv4 Filter Rules->New.
Proceed as follows:
Set Source BRIDGE_BR0-1 .
Set Destination WAN_INTERNET .
Select a Service, e.g. any .
Set Action Access .
Press OK to confirm your entries.
Both filter rules are shown.
Firewall->Policies->IPv4 Filter Rules
Add further rules to this if needed.
When you have finished the firewall configuration, you must switch on the firewall.
Go to Firewall->Policies->options.
Firewall->Policies->Options
Proceed as follows:
Activate the IPv4 Firewall Status.
Press OK to confirm your entries.
Copyright© Version 08/2020 bintec elmeg GmbH |