Config for restricting/blocking user access to the gateway

Any Config recommendation for restricting all users access to the gateway

If you want to prevent access to the router itself from that network, make sure the associated zone's input rule is set to drop or reject (the default lan network is associated with the lan firewall zone, so if you're close a default condition, this would be the zone to adjust). In most cases, you'll want to create rules to accept port 53 (DNS) and port 67 (DHCP), otherwise devices will not get dhcp leases or dns resolution.

You can see the basic method of this restriction in the firewall section of the guest network tutorial.

Keep in mind, you will need another network or at least one allowed host to configure your router. If you do prohibit input without at least some other way of accessing the router, you will lock yourself out of the device and you’ll need failsafe mode to fix it.


This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.