Tuesday, March 5, 2019

Question about how to do proper firewalls with Comware 7

I have 4 devices in my network: a RUT955, an MSR954, an Aruba AP and a Fibaro IoT device.

I had to make it so the RUT connects to the internet, either via WAN or, if that fails, via 4G.

The RUT has 3 ports, but I couldn't find if and how to give them separate IPs, so the RUT's IP is 10.10.10.1/29.

The MSR is connected to the RUT via the WAN port (10.10.10.2/29) (I was ordered to use the MSR in the middle to be the main router). The MSR uses the Comware 7 CLI.

The LAN ports go to the AP and the Fibaro. Ge0/1 connects to the AP and has been made into a hybrid port containing VLANs 11 and 22 (tagged) and VLAN 33 (untagged). Ge0/2 connects to the Fibaro and is under VLAN 11.

The Aruba AP creates 2 Wi-Fi networks: one, which is under VLAN 11, for IoT, and the other, which is under VLAN 22, for Users. The AP's IP is 192.168.3.2.

VLAN 11 gw is 192.168.1.1

VLAN 22 gw is 192.168.2.1

VLAN 33 gw is 192.168.3.1 (VLAN 33 is mainly for management)

The thing is that I currently can connect to the IoT and User Wi-Fi networks, but I can also enter the devices' configuration web UIs. How do I block that, so the Users (VLAN 22) and IoT (VLAN 11) Wi-Fi networks can only connect to the internet and can't access anything else in my network?

The IoT devices need to be able to only connect to their update sites and nothing else.

Also, if possible, how would I be able to configure VPN so I could access the network remotely?

I am not a good explainer of things, so if anything is unclear, please ask so I can clarify.


