DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
2830 Inter-LAN Routing
- simon.read
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 21
- Thank you received: 0
07 Aug 2013 20:36 #77289
by simon.read
2830 Inter-LAN Routing was created by simon.read
I have a lab setup with the following equipment to simulate 2 separate subnets which want to share a common WAN connection.
1x Draytek 2830n
1x Draytek AP-800
I have setup 2 VLAN's and assigned a LAN to each;
Subnet 1 - VLAN0 - P1 & SSID1 - LAN1 - 192.168.1.0/24 DHCP enabled
Subnet 2 - VLAN1 - P2 & SSID2 - LAN2 - 192.168.2.0/24 DHCP enabled
The AP-800 has LAN-A connected to P1 and LAN-B connected to P2, I have setup 2 SSID's on the AP-800.
I can connect fine to either the SSID's on the 2830n or the AP-800 and I get issued an IP address on the correct subnet issued from the 2830n.
Expanding this lab I would have two switches also, one connected to P1 and one connected to P2 to give wired access to the networks also.
My problem is that the subnets can access each other; I want the two subnets to be completely isolated e.g. a wireless client on LAN2 couldn't access a wired device on LAN1 or vice-versa.
I have looked at Inter-LAN routing but this doesn't seem to have any effect on the ability to route traffic between the two subnets.
Am I looking at setting up a firewall filtering rule between the subnets?
Any help on this matter to point me in the right direction would be greatly appreciated.
1x Draytek 2830n
1x Draytek AP-800
I have setup 2 VLAN's and assigned a LAN to each;
Subnet 1 - VLAN0 - P1 & SSID1 - LAN1 - 192.168.1.0/24 DHCP enabled
Subnet 2 - VLAN1 - P2 & SSID2 - LAN2 - 192.168.2.0/24 DHCP enabled
The AP-800 has LAN-A connected to P1 and LAN-B connected to P2, I have setup 2 SSID's on the AP-800.
I can connect fine to either the SSID's on the 2830n or the AP-800 and I get issued an IP address on the correct subnet issued from the 2830n.
Expanding this lab I would have two switches also, one connected to P1 and one connected to P2 to give wired access to the networks also.
My problem is that the subnets can access each other; I want the two subnets to be completely isolated e.g. a wireless client on LAN2 couldn't access a wired device on LAN1 or vice-versa.
I have looked at Inter-LAN routing but this doesn't seem to have any effect on the ability to route traffic between the two subnets.
Am I looking at setting up a firewall filtering rule between the subnets?
Any help on this matter to point me in the right direction would be greatly appreciated.
Please Log in or Create an account to join the conversation.
- sicon
- Offline
- Contributor
Less
More
- Posts: 642
- Thank you received: 0
14 Aug 2013 14:26 #77411
by sicon
Replied by sicon on topic Re: 2830 Inter-LAN Routing
If you are using tags then you don't need the two cables plugged into the AP800.
You need to create the SSIDs and disable the 2nd subnet feature.
Associate the SSIDs to its VLAN tags.
Tag the port the 2830 for each VLAN that the AP800 is plugged into.
I hope this makes sense
You need to create the SSIDs and disable the 2nd subnet feature.
Associate the SSIDs to its VLAN tags.
Tag the port the 2830 for each VLAN that the AP800 is plugged into.
I hope this makes sense
Please Log in or Create an account to join the conversation.
- simon.read
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 21
- Thank you received: 0
15 Aug 2013 09:43 #77417
by simon.read
Replied by simon.read on topic Re: 2830 Inter-LAN Routing
Hi sicon
Thanks for your suggestion yes that makes sense, I was using port-based VLAN's rather than using VLAN tags.
I have a setup which has an umanaged switch so that wouldn't pass the VLAN tags, however I could just connect the AP-800 from patch panel straight to P2 and use it without the switch.
I will give that a go.
Cheers!
Thanks for your suggestion yes that makes sense, I was using port-based VLAN's rather than using VLAN tags.
I have a setup which has an umanaged switch so that wouldn't pass the VLAN tags, however I could just connect the AP-800 from patch panel straight to P2 and use it without the switch.
I will give that a go.
Cheers!
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek