ACL to forward WAN to LAN Traffic

Hi to all, I have an OpenWrt with
10.0.1.0/24
|
|
|
WAN
-Openwrt-
LAN
|
|
|
10.0.2.0/24

I would like to configure the device to allow only some hosts on the 10.0.2.0/24 network via IP or MAC to reach all on the 10.0.2.0/24 LAN.
I can make all the hosts of the WAN subnet communicate with the LAN subnet, but I don't understand how to implement an ACL.

Can you help me?

:spiral_notepad: You didn't provide needed information (e.g. the WAN IP of the OpenWrt).

  1. On the upstream device - Make a static route on the 10.0.1.0/24 router for 10.0.2.0/24 via <interface> gw 10.0.1.x

     where x == the IP of the OpenWrt

  2. Disable Masquerade on OpenWrt's WAN
  3. Create traffic rules allowing traffic - as desired

or

:bulb: Just make Port Forwards :wink:

1 Like

This is my configuration

with a traffic rule


but all WAN hosts can reach every LAN host...

Where is the error?

Edit your zone settings and disable zone-to-zone forwarding.

3 Likes
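
Added example (not part of the thread and not OpenWrt's own code): a small Python check over constructed `/etc/config/firewall` text, showing why the traffic rules restrict nothing while a wan-to-lan forwarding is still enabled. It assumes "zone-to-zone forwarding" corresponds to a `config forwarding` section; the host address, the MAC and the function names are placeholders.

```python
import shlex

# Constructed /etc/config/firewall (UCI) fragments; address and MAC are placeholders.
FORWARDING = """
config forwarding
    option src 'wan'
    option dest 'lan'
"""
RULES = """
config rule
    option src 'wan'
    option src_ip '10.0.1.50'
    option dest 'lan'
    option target 'ACCEPT'
config rule
    option src 'wan'
    option src_mac '00:11:22:33:44:55'
    option dest 'lan'
    option target 'ACCEPT'
"""
WEAK = FORWARDING + RULES   # rules present, but wan->lan forwarding still enabled
FIXED = RULES               # forwarding removed: only the rules admit traffic

def parse_uci(text):
    """Parse UCI text into a list of (section_type, {option: value})."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:1] == ["config"] and len(tok) >= 2:
            sections.append((tok[1], {}))
        elif tok[:1] == ["option"] and len(tok) >= 3 and sections:
            sections[-1][1][tok[1]] = tok[2]
    return sections

def wan_to_lan_sources(text, src="wan", dest="lan"):
    """List the sources allowed from src to dest; ['ANY'] means no ACL in effect."""
    secs = parse_uci(text)
    def match(opts):
        return opts.get("src") == src and opts.get("dest") == dest
    # A forwarding section accepts everything the rules did not already decide.
    if any(t == "forwarding" and match(o) for t, o in secs):
        return ["ANY"]
    return sorted(o.get("src_ip") or o.get("src_mac") or "ANY" for t, o in secs
                  if t == "rule" and match(o) and o.get("target") == "ACCEPT")

if __name__ == "__main__":
    print("weak :", wan_to_lan_sources(WEAK))
    print("fixed:", wan_to_lan_sources(FIXED))
```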