LAN to LAN firewall rules

amd.64 · January 19, 2025, 3:15am

Is it possible to block all traffic between two LANs with the exception a few devices on each LAN

For Example if I have the following LANs
192.168.10.0/24
192.168.20.0/24

On the 192.168.10.0 I want to only allow say 192.168.10.90 and .91 can exchange traffic with device having IPs in the 192.168.20.1 to .10 range. All other traffic from all other devices on both networks should be blocked or rejected.

Thank You

psherman · January 19, 2025, 3:24am

Yes, between two subnets, you can absolutely control the allowed/denied routing with the firewall.

You'll create firewall rules with the source and destination IP addresses. You can even use IP sets to make this an easy 1 rule configuration.

amd.64 · January 19, 2025, 9:45pm

Do you know of a link that explains how to do this?

psherman · January 19, 2025, 10:30pm

Honestly, I'm not sure. Check here, though:
https://openwrt.org/docs/guide-user/firewall/start