Hi everyone !
I am looking to connect all my IoT devices to my Beryl secondary router and isolate them from internet.
However, I still want to have my main devices (phone / laptop) on the primary router and being able to control the IoT devices in the travel router.
I have edited the /etc/config/firewall adn added the below rules, but I tried connecting my phone to the secondary router and internet still works
What I am doing wrong ? Is it because of the “Zone” forwarding from LAN to WAN ?
config rule
option dest '*'
option target 'ACCEPT'
option name 'Rule #1'
list dest_ip '192.168.1.0/24'
list src_ip '192.168.8.1/32'
config rule
option dest '*'
option target 'REJECT'
option name 'Rule #2'
list dest_ip '192.168.1.0/24'
list src_ip '192.168.8.0/24'
config rule
option target 'REJECT'
option name 'Rule #4'
list dest_ip '192.168.1.0/24'
list src_ip '192.168.8.1/24'
Couple of technical infos
Router 1 config:
internal IP: 192.168.1.1
DHCP from 192.168.1.100 to 199
Gateway: 10.20.21.29
External IP: 27.aa.bbb.ccc
Subnet mask 255.255.255.0Router 2 config:
Static IP assigned from Router 1: 192.168.1.9 (but I can either access the router from 192.168.1.9 or 192.168.8.1)
DHCP from 192.168.8.100 to 299
Gateway: 192.168.1.1
external IP: same as Router 1 - 27.aa.bbb.ccc
Subnet mask 255.255.255.0
