On a router, how do I block wan access for a particular machine without blocking its access to the local network?
Yes, this is simply a matter of an access rule. I'm not familiar with your router, but you would create a rule that basically says "From source address (PC IP here) to ANY deny".
Now... as to LAN traffic, well, that will depend on your configuration. If the router has a built-in switch, and does not inherently or explicitly permit LAN to LAN traffic, you may need a rule that supersedes the one posted above. However, if it is implied, or if your devices are connected to the same switch downstream, then they are likely in the same subnet and your router does not have much of a say in the matter if they can talk to each other. The gateway is only consulted when a machine needs to reach outside of it's subnet.
Related videos on Youtube
HappyEngineer
Updated on September 18, 2022Comments
-
HappyEngineer over 1 year
On my tp-link TL-WR1043ND router I want to prevent a particular machine from having access to the WAN while still allowing that machine to access other machines on the LAN.
My assumption is that I need to do something in the "Access Control" section, however the problem is that it wants an ip range or domain name for the target of the rule. The router uses DHCP to get an address from the WAN, so I don't have any guarantee what the ip address of the wan will be.
If the answer is that it's not possible with this router, could someone describe how to do it using OpenWRT instead?
-
Felix Frank almost 10 yearsIt's not clear wether you answer really pertains to the question, because it is too brief. Can you elaborate on your suggested approach?