Restricting access to LAN for specific VPN Client Profile

Hi,
this is my current setup:



The settings not mentioned are left at their defaults.
Note: "Remote Access LAN" is enabled on Beryl (WireGuard server).

I would like to restrict LAN access (i.e., access to ports on the TP-Link router and Beryl) for clients connected to the Slate (WireGuard client), specifically Laptop1 and Laptop2 (other Wi-Fi devices connected to Slate might also be restricted, but that’s not important).

These clients should still be able to access the internet through the VPN tunnel - just not the internal network.

On the other hand, my smartphone should retain full access to manage all routers and access internal ports remotely, which is currently working as intended.

Is there any way to configure this without using LuCI or SSH? I'm concerned that making changes there might conflict with the web UI settings and cause issues during firmware updates.

If not, I have already tried adding a firewall traffic rule via LuCI, but it didn’t work.