Set up firewall

The following firewall configuration is a simple example, to guarantee the basic function of the firewall. If you require further safety adjustments, then adapt this example to your requirements.

Define bridge interface as trustworthy

Define the interface br0 (the interface for your local network) as a trustworthy interface.

Go to Firewall->Policies->IPv4 Filter Rules. In the Default Filter Rules in the Trusted Interfaces area, click the icon.

Firewall->Policies->IPv4 Filter Rules->Default Filter Rules

Proceed as follows:

  1. Highlight the interface BRIDGE_BR0 as a trustworthy interface.

  2. Make sure that no further interface is highlighted.

  3. Press OK to confirm your entries.

Create service group

Create a service group with the services which the clients in the guest WLAN wish to use.

Go to Firewall->Services->Groups->New.

Firewall->Services->Groups->New

Proceed as follows:

  1. Enter a Description, e.g. Guest-Local-Access .

  2. Choose the desired Members, e.g. dhcp , dns and echo .

  3. Press OK to confirm your entries.

The configured service group is displayed.

Firewall->Services->Groups

Creating Ipv4 filter rules

Create a rule, so that your guests can use the services of the DHCP, DNS and Echo, that you have combined in a Service Group.

Go to Firewall->Policies->IPv4 Filter Rules->New.

Firewall->Policies->IPv4 Filter Rules->New

Proceed as follows:

  1. Set Source BRIDGE_BR0-1 .

  2. Set Destination LOCAL .

  3. Set Guest-Local-Access as a Service or service group.

  4. Set Action Access .

  5. Press OK to confirm your entries.

 

Create a filter rule for the access of your guests to the internet.

Go to Firewall->Policies->IPv4 Filter Rules->New.

Proceed as follows:

  1. Set Source BRIDGE_BR0-1 .

  2. Set Destination WAN_INTERNET .

  3. Select a Service, e.g. any .

  4. Set Action Access .

  5. Press OK to confirm your entries.

Both filter rules are shown.

Firewall->Policies->IPv4 Filter Rules

Add further rules to this if needed.

Switch on firewall

When you have finished the firewall configuration, you must switch on the firewall.

Go to Firewall->Policies->options.

Firewall->Policies->Options

Proceed as follows:

  1. Activate the IPv4 Firewall Status.

  2. Press OK to confirm your entries.

Copyright© Version 01/2020 bintec elmeg GmbH