[SOLVED] Secure modem access

I have set up access to my modem via the router and it is all working fine, but I noticed that even my guest networks can access it by IP. I set it all up as below: is there a way to limit modem access only from a trusted network/interface?

config interface 'modem'              
        option proto 'static'         
        option ifname 'eth0.2'        
        option netmask ''
        option ipaddr '10.X.X.X'
config zone
        option name 'wan'
        option output 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        option input 'DROP'
        option forward 'DROP'
        option network 'wan wan6 modem'

How about:

config rule
	option name 'Deny Modem Access'
	option proto 'all'
	option dest_ip '10.X.X.0/24'
	option target 'REJECT'
	option dest 'wan'

With this rule none of my guest clients can access my modem gui, telnet or ssh.

1 Like

Thank you; it worked.

1 Like

This topic was automatically closed 6 days after the last reply. New replies are no longer allowed.