So I have some IP cameras which I would like to block access to the internet but still access them via the Wireguard VPN.
First of all, the BLOCK WAN option in the Glinet interface does not allow them to be available when accessing the network via the Wireguard server VPN. Customer support confirmed this with me.
So this is why I wanted to check if I can use the LuCI OpenWRT interface to block connections. There is this very promising post in the OpenWRT forums which describes how he set a Firewall traffic rule, and it is straightforward: [Solved] Firewall rule to block device from accessing internet - Network and Wireless Configuration - OpenWrt Forum
However when I configure it (see screenshots below), the cameras are still available from the internet. Like the post linked above I set the MAC addresses in the Advanced Settings tab. Yes, I enabled the rule in the firewall traffic rules and pressed “Save & Apply”. I also verified that IPs and MAC addresses are correctly set.
I also tried: setting source IP address as well or instead of the MAC address, changing order of the rule, rebooting router, changing the action from reject to drop. But nothing worked. Does anyone know why not?
I also tried switching source and destination zone so that any request would not be returned but that did not do anything either.
Any help is much appreciated!