Ruijie Community

Title: How to block access between different subnet [Print this page]
Author: ty.principal@pe    Time: 2021-6-3 20:47
Title: How to block access between different subnet
Hi All,

I am using EG2100-P V2, setup 2 sub-interface with different subnets, I would like to know deploy the policy that the subnets cannot communicate each other, and only how to access internet.

How can I deploy the settings?

Thanks
Author: GTAC-Daisy    Time: 2021-6-3 21:34
Dear sir,

You can use the ACL to do it.

Please refer to this guide RG-EG Series Gateway Web-Based Configuration Guide

Author: ty.principal@pe    Time: 2021-6-4 06:35
Thanks. how to set the source and destination?  There is no permit/deny with all ip addresses.
Author: GTAC-Daisy    Time: 2021-6-4 16:51
ty.principal@pe replied at 2021-6-4 06:35
Thanks. how to set the source and destination?  There is no permit/deny with all ip addresses.

Source IP is the clients 1 IP
Destination IP is the other client 2 IP which you don't want client 1 to access
Author: ty.principal@pe    Time: 2021-6-4 21:50
Edited by ty.principal@peck.edu.hk at 2021-6-5 17:58

Thanks.

Created a new rule as attached, but still can ping the client address.

Is anything wrong?
5 June: I see that apply the ACL to the policy is required, but still not work after deployed

Screenshot 2021-06-04 at 9.49.22 PM.png (106.33 KB, Downloads: 241)

Screenshot 2021-06-04 at 9.49.22 PM.png
Author: GTAC-Daisy    Time: 2021-6-6 10:53
ty.principal@pe replied at 2021-6-4 21:50
Thanks.

Created a new rule as attached, but still can ping the client address.

Dear sir,

Please check whether you have apply the ACL to the related port
Author: ty.principal@pe    Time: 2021-6-7 00:09
Daisy replied at 2021-6-6 10:53
Dear sir,

Please check whether you have apply the ACL to the related port

I have applied the ACL to the sub interface say 2.1.

However, the machines not only cannot go to the destination subnet, but also cannot access internet (the gateway is 10.90.190.1 from my attached screen.

How can I solve the problem? Thanks
Author: GTAC-Daisy    Time: 2021-6-7 11:14
ty.principal@pe replied at 2021-6-7 00:09
I have applied the ACL to the sub interface say 2.1.

However, the machines not only cannot go to  ...

Add a permit any any ACL on the last of your ACL rule
Author: ty.principal@pe    Time: 2021-6-7 23:08
Daisy replied at 2021-6-7 11:14
Add a permit any any ACL on the last of your ACL rule

Thank. Will try later this week
Author: ty.principal@pe    Time: 2021-6-8 22:46
Daisy replied at 2021-6-7 11:14
Add a permit any any ACL on the last of your ACL rule

seems work, thank you
Author: GTAC-Daisy    Time: 2021-6-9 13:56
ty.principal@pe replied at 2021-6-8 22:46
seems work, thank you

Good job



Welcome to Ruijie Community (https://community.ruijienetworks.com/) Powered by Discuz! X3.2