Need Help with Access Control Rule: Allow Group of IPs Too Access Internet but Not LAN Systems

Need Help with Access Control Rule: Allow Group of IPs Too Access Internet but Not LAN Systems
Need Help with Access Control Rule: Allow Group of IPs Too Access Internet but Not LAN Systems
2018-12-20 07:12:33

Hello,

 

I have a TL-R600VPN and I'm trying to configure an access control rule to allow a set of systems (192.168.1.5-1.92.168.1.10) to only be able to access the internet. This is essentially the equivalent of a Guest subnet.

 

I want to disallow everything on the LAN for those systems (ICMP, http, https, VNC, etc.).

 

I've been able to block ICMP in this fashion through testing, but when I try using the ALL protocol the same way, it doesn't work. VNC still works, for example.

 

The most obvious config for the ACL seemed to be:

Policy = block

Service Type = All

Interface = all

Source = <range listed above>

Destination = IPGROUP_LAN

Effective time = any

 

 

I have no other rules in place, so there is no concern with the ID (placing above or below another rule).

 

 

Can anyone tell me what I'm missing? Thanks!

0
0
#1
Options
1 Reply
Re:Need Help with Access Control Rule: Allow Group of IPs Too Access Internet but Not LAN Systems
2018-12-20 17:21:49 - last edited 2018-12-20 17:22:35

Thank you for your post, but here would be the correct forum where you will be able to be assisted at for SMB router products: https://community.tp-link.com/en/business/forum/3

0
0
#2
Options