Talking between isolated networks
Hi all,
I have my Firewalla Gold set up with two isolated networks (each uses a different physical port, and is isolated with a "deny all traffic between the two" rule). Is there a way to set up for a specific device on one network to talk to a specific device on the other? In other words, I want to connect to the WAP on the IoT network from the Home network for configuration changes. Thanks!
-
Hi, thanks for the reply. I have been trying that, putting the rule in several places with no luck (a PING from the source device does tag the ALLOW rule, but that's as far as it gets). Specifically,
Device1 in LAN1: Desktop Browser
- Port 1 on Firewalla Gold
- Rule defined to "Block Traffic from & to All Local Networks"
Device2 in LAN2: Linksys WAP
- Port 2 on Firewalla Gold
- Rule defined to "Block Traffic from & to All Local Networks"
I want Device1 to talk to Device2 (i.e. I want to configure the WAP from LAN1), with everything else blocked. I created an ALLOW rule (Device1 is allowed to talk to the IP of Device2) both under the rule list of Device1 and under the network definition of LAN1. No dice. Obviously, I am missing something. The ALLOW rule is set to "outbound only". Do I need a matching one for the incoming signal on LAN2? Bi-directional? Is there a setting elsewhere that I need to toggle? Thanks!
-
I figured it out, only to be faced with another problem. Device1 is indeed punching through the "inter-network wall," but for some reason the WAP is not accepting the login (or a simple ping for that matter). I tried the same thing with a switch on LAN2, and Device1 on LAN1 logged in just fine. So, now the question is why the WAP is being so rude and not answering the door. Thanks for your help!
-
I am honestly stumped. The rule DID work, but for different devices (switch, TV) on the target network. I was able to log into my LAN2 switch from LAN1 with no problem, and I was also able to ping a LAN2 TV (on the far side of the switch, so I know the switch is not doing anything wonky). The WAP (a Linksys router in bridge mode) just will not accept anything. I plugged a laptop into LAN2, and was able to ping it and log in, where I told it to allow remote administration. No cigar. So, in summary, the Firewalla is not blocking anything, the switch is exonerated, and the WAP works from the local network. At least I should be able to ping the WAP, if not log in, from a different LAN. It won't even accept a ping (but it does locally). My conclusion is that the WAP just won't accept anything (neither ping nor login) from a remote network. I even checked the firmware, and then unplugged it to let it hard boot, with no luck. I guess I am just gonna have to resign myself to logging in locally. I'll live... but I won't enjoy it... :) Thanks again!