Access router from a single device

Dhozor · January 18, 2024, 1:02pm

Hello masters

I have a Nanopi R4S running Openwrt. As it only has two ethernet ports, I use one for WAN and one for LAN, connected to a bridged router. I would like to see a way to allow access to the web page only with an authorized device. I tried to create a vlan and a virtual ethernet, but I was not successful, I believe due to lack of knowledge. I think that if you change the http and https port you will be successful, but if there is a safer way, such as creating a LAN distributing DHCP to the devices, and another without DHCP, but accessing the router, it would be excellent.

t3hn00b · January 18, 2024, 2:57pm

I believe you should first add a traffic rule to allow the accept rule from the specific authorized device (either IP /32 or a vlan) and then set the lan zone firewall accept rule to reject. The lanAdmin zone should again be able to accept the input. First add the rule as otherwise you'll lock yourself out of the device.

egc · January 18, 2024, 5:03pm

In adfition you probably also have to allow dns and dhcp traffic just like when you setup a guest wifi