How to restrict IP camera that connected to GL-MT3000 by "Wifi" to be accessible only once i connect by Wiregaurd outside of home network?
I already setup WireGaurd and able to connect from cellphone to the home network without any issue.
I tried the firewall traffic unde rLuci > Network > Firewall > Traffic Rules. to block an access to make it go throw only Wireguard from UI interface but i was not able to do that.
I need help to setup the way that I can access and see the IP camera once using the Wiregaurd only and prevent any other external access to the camera; EXCEPT i use Wiregaurd outside the network.
Hi,
Let me explain again:
Above screenshot is current setup which i think its wrong.
IP camera connect to GL Router by WIFI and connect to internet by 2.5WAN by cable.
WiFi should be should be accepted and receive from IP Camera but should not be OPEN to outside world until I use WireGaurd.
I should be able to see IP Camera once using WireGaurd only.
I need to block IP camera that does not send data to outside until i use WireGaurd connection.
Router has firewall rules (default: deny WAN access to the LAN) and NAT, where the IP camera is on the LAN and the external network (WAN) is not allowed to be accessed, so only on LAN client to access to the IP camera.
If on an external network, only a WireGuard VPN to connect to the router, and that will allow the WireGuard client to access the LAN (including the IP camera).
Thus, these protections/configurations make the IP cameras to passively establish data links with clients, thus meeting this requirements:
Note: Unless the IP camera actively sends data packets to the outside. BUT if we add a rule to the firewall to intercept IP camera packets of LAN, it will prevent the WireGuard client from accessing the camera.
