My LAN address is 192.168.2.0 via LAN 1 and I have set up a remote dial in VPN user to use LAN 2 which has an address of 192.168.1.0.

Questions:

1. Is there anyway in which the remote user can access 2.0? - it is imperative they do not have any access.

2. If isolation does not occur per point 1, how can I ensure they are blocked from having access to 2.0? I have set up a firewall rule, using object, with object one being 1.0 as the source IP and object 2 as being the destination IP. The direction is LAN > LAN and the filter is block immediately.

Provided you don't enable Inter LAN routing (on the LAN General setup page) between 1 and 2 then as far as I'm aware a user with an address assigned in LAN 1 would not be able to access anything in LAN 2.

No need for Firewall rules or anything else.

Piste Basher wrote:
Provided you don't enable Inter LAN routing (on the LAN General setup page) between 1 and 2 then as far as I'm aware a user with an address assigned in LAN 1 would not be able to access anything in LAN 2.

No need for Firewall rules or anything else.

Perfect, thank you very much.