Menu
What's new

Edgerouter Lite Questions

D

darrenph1

Getting comfortable
Joined
Feb 10, 2017
Messages
108
Reaction score
42
OK so I have my ERL set up with WAN+2LAN. I have my home and guest network on LAN 1 and the BI CPU and cameras on LAN2. VPN installed and connectable. Everything works great and BI sees the cams.

I was following a tutorial for putting the cameras on their own VLAN on the ERL and switch and blocking anything incoming or outgoing but it was for a Mac using security spy so I couldn't get BI to see the cameras after putting the cameras on the VLAN and adding the VLAN info on the BI nic.

Instead can I just set up firewall rules per camera mac address to just drop everything in/out but OK it for the local?
 
nayr

nayr

IPCT Contributor
Joined
Jul 16, 2014
Messages
9,326
Reaction score
5,325
Location
Denver, CO
you dont need vlan's if your running 2 LAN's (subnets), and using VLAN's will require VLAN capable switching hardware..

you can setup firewall rules between both subnets and each subnet and the internet to control access..
 
D

darrenph1

Getting comfortable
Joined
Feb 10, 2017
Messages
108
Reaction score
42
nayr said:
you dont need vlan's if your running 2 LAN's (subnets), and using VLAN's will require VLAN capable switching hardware..

you can setup firewall rules between both subnets and each subnet and the internet to control access..
Click to expand...
Thanks Nayr! I thought going the 2LAN route would make the VLAN unnecessary. I do have a VLAN capable switch (Ubitquiti) and good to know about blocking between subnets. I wasn't sure if I needed to do that or not.
 
You must log in or register to reply here.
Top