Joined: 07 Dec 2017
|Posted: Tue Dec 11, 2018 14:37 Post subject: Separating IPs within a network
|I have seen close to what I was thinking of doing, but nothing quite seems to match up.
What I am looking to do is, possibly with IP tables in the firewall, to keep a range of IP addresses from communicating with every other device on the network except for the gateway router with NAS attached. I want all devices on the network to still be able to access the NAS on the gateway router.
So, basically, any "Smart" device I don't want talking to any other device except the router. (They're fine on their own, but when they get together, I think they're talking about me... right? LOL)
I've got them in DHCP'd to a IPv4 range of 192-199.
All devices are wired.
Can such a thing be done, with the IP range provided, through IP tables and the firewall?
I don't know how easily setting up VLANS would be, if it depends on hardwired ports.
Any thoughts, ideas?
Joined: 16 Nov 2015
Location: UK, London, just across the river..
|Posted: Tue Dec 11, 2018 15:33 Post subject:
|its always like that with your router and that build you are running...
also you can separate your network with vlans but cannot limit LAN to LAN communication with iptables rules as the firewall works WAN to LAN only...
you better isolate either with vlans or another router
i ve found that with another router was more flexible for me in the past but its one more device case....
TP-Link WR740Nv1 ---DD-WRT 47117 BS AP,NAT
TP-Link WR1043NDv2 -DD-WRT 47481 BS AP,NAT,AP Isolation,Ad-Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 -DD-WRT 47381 BS AP,NAT,Ad-Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 -Gargoyle OS 1.13.0b AP,NAT,QoS,Quotas
Netgear R7800 --DD-WRT 47381 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT,Vanilla
Netgear R9000 --DD-WRT 47481 BS AP,NAT,AD-Block,AP Isolation,Firewall,Local DNS,DoT,2,4Ghz only,Vanilla
Netgear R7000 ---DD-WRT 47381 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,VLAN's,DoT,VPN
Stubby for DNS over TLS I DNSCrypt v2 by mac913