Posted: Fri Feb 28, 2020 18:05 Post subject: Asus RT-AC68U Bridging for IoT Management Question
I am setting up said router to isolate IoT. My trusted VLAN is vlan1, Untrusted is vlan2. I want to allow, for example, a trusted smartphone on vlan1 to be able to connect to an IoT device on vlan2 but not allow vlan2 devices to initiate connections to vlan1. Can I set up this restricted bridging in the GUI or do I have to enter a set of commands to achieve this functionality? What would the commands be if so?
Posted: Fri Feb 28, 2020 18:13 Post subject:
First hurdle would be to use vlan numbers that are not being used by default in the firmware for WAN port and LAN bridge. Second, not sure if the GUI tab works on that router, so you may have to do it via command line over telnet/ssh:
To ban traffic originating from the IoT VLAN, would I use the DROP rule in iptables? My question is: with this rule, will IoT traffic still be allowed to reply to Trusted VLAN traffic to the IoT VLAN that is initiated from the Trusted VLAN?
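
The one-way policy asked about above, as an added example that is not part of the thread: a plain DROP on everything from the IoT side would also discard replies, so a state match for ESTABLISHED,RELATED is placed ahead of it. The interface names `br0` (trusted) and `br1` (IoT) and the function names are assumptions; substitute the bridges or VLAN interfaces your router actually uses.

```shell
#!/bin/sh
# Added example: trusted -> IoT allowed, IoT -> trusted only as replies.
# br0 / br1 are ASSUMED interface names, not taken from the thread.
TRUSTED_IF="${TRUSTED_IF:-br0}"
IOT_IF="${IOT_IF:-br1}"

# Reject empty names and anything with shell metacharacters, since the
# names end up inside generated command lines.
valid_if() {
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the rules in the order they must be run. Each uses -I (insert at
# the top of FORWARD), so the LAST line printed is evaluated FIRST.
iot_rules() {
    trusted="$1"; iot="$2"
    valid_if "$trusted" && valid_if "$iot" || return 1
    [ "$trusted" != "$iot" ] || return 1
    # Ends up 3rd: anything else from IoT towards trusted is dropped,
    # which covers every connection the IoT side tries to open.
    echo "iptables -I FORWARD -i $iot -o $trusted -j DROP"
    # Ends up 2nd: packets belonging to connections the trusted side
    # opened (the replies) are accepted before the DROP is reached.
    echo "iptables -I FORWARD -i $iot -o $trusted -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Ends up 1st: trusted devices may open connections to IoT devices.
    echo "iptables -I FORWARD -i $trusted -o $iot -j ACCEPT"
}

# Dry run by default: prints the commands. Set APPLY=1 (as root, on the
# router) to execute them, stopping at the first failure.
run_rules() {
    rules=$(iot_rules "$TRUSTED_IF" "$IOT_IF") || {
        echo "invalid interface names" >&2; return 1; }
    if [ "${APPLY:-0}" = "1" ]; then
        printf '%s\n' "$rules" | sh -e
    else
        printf '%s\n' "$rules"
    fi
}
run_rules
```

After applying, `iptables -L FORWARD -v -n --line-numbers` shows the resulting order and per-rule packet counters, which is the quickest way to confirm that replies hit the ACCEPT rule and new IoT-originated connections hit the DROP.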