Tuesday, March 30, 2021

Need help blocking Internet on VLAN -- Except for one device...

So I have a router feeding an L2 switch with 2 VLANs. The router is providing Internet to both networks.

192.168.101.0/24 - (aka VLAN 1) - ports 2-16, Internet access (Rack PC, Apple TV, client devices)

192.168.102.0/24 (aka VLAN 2) - ports 17-24, Internal Network for A/V equipment, I do not want Internet to be accessible on this network, it is for A/V equipment to speak to one another.

The thing is I need one device on the A/V network to be accessed remotely...

Can I edit the DHCP server for the A/V network to distribute DNS (or gateway?) address "56.56.45.34" or something random to the A/V DHCP clients? That way if someone accidentally plugs into this network, they won't be able to access Internet?

And for the one device that needs Internet access, I could set the correct config on there as a static...

I don't mind using the firewall, but the objective is to keep it simple, and if I plug my laptop into the AV network and need new firmware or something, to be able to just go into my network settings and put in the correct IP address.

Anyone see any issues here?

Switch: DLINK DGS1210-52, Firewall: ER-LITE3, Needy device: QSYS CORE

tl;dr: I have two networks - one with Internet and one that should not have Internet, but I have a device (with one port) that needs access to the Internet *and* to control devices on the non-Internet network -- any way to do this without complex FW rules?


