Inter VLAN Routing in one direction
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Hi,
I am sure this has been asked before on this comunity but I can't find the answer.
I have a simple test bench set up with a very simple configuration to try and figure out how to ALLOW connectivity between devices on a Business/Home VLAN to devices on an IOT VLAN but DENY connectivity in the reverse direction.
As I understand it, this can partly be achieved using ALC but as these are Layer 2 rules and not statefull it appears that you need to set a rule for each direction which sort of defeats the objective. I have, therefore, been trying to set up a layer 3 static route in the ER605 to achieve the connectivity (ie two ACL rules on the SG2218 to block VLAN10 and 11 and a static route between 192.168.10.x and 192.168.11.x to connect the two VLANs in one direction). For some reason I just can't get it to work.
I would be grateful for any assistance with this problem as I have been going round and round in circles for days.
Questions -
- Is what I am trying to do actually possible with the above equipment
- what static route should I set in the ER605
- how should I set the ports (for the VLANs) on each of the ports.
