Set up firewall |
The following firewall configuration is a simple example, to guarantee the basic function of the firewall. If you require further safety adjustments, then adapt this example to your requirements.
Define the interface br0 (the interface for your local network) as a trustworthy interface.
Go to Firewall->Policies->IPv4 Filter Rules. In the Default Filter Rules in the Trusted Interfaces area, click the icon.
Proceed as follows:
Highlight the interface BRIDGE_BR0 as a trustworthy interface.
Make sure that no further interface is highlighted.
Press OK to confirm your entries.
Create a service group with the services which the clients in the guest WLAN wish to use.
Go to Firewall->Services->Groups->New.
Proceed as follows:
Enter a Description, e.g. Guest-Local-Access .
Choose the desired Members, e.g. dhcp , dns and echo .
Press OK to confirm your entries.
The configured service group is displayed.
Create a rule, so that your guests can use the services of the DHCP, DNS and Echo, that you have combined in a Service Group.
Go to Firewall->Policies->IPv4 Filter Rules->New.
Proceed as follows:
Set Source BRIDGE_BR0-1 .
Set Destination LOCAL .
Set Guest-Local-Access as a Service or service group.
Set Action Access .
Press OK to confirm your entries.
Create a filter rule for the access of your guests to the internet.
Go to Firewall->Policies->IPv4 Filter Rules->New.
Proceed as follows:
Set Source BRIDGE_BR0-1 .
Set Destination WAN_INTERNET .
Select a Service, e.g. any .
Set Action Access .
Press OK to confirm your entries.
Both filter rules are shown.
Add further rules to this if needed.
When you have finished the firewall configuration, you must switch on the firewall.
Go to Firewall->Policies->options.
Proceed as follows:
Activate the IPv4 Firewall Status.
Press OK to confirm your entries.
Copyright© Version 01/2020 bintec elmeg GmbH |