Disable inter-VLAN routing between LAN and VLAN2 : POS SOLUTIONS

Disable inter-VLAN routing between LAN and VLAN2 Print

Modified on: Mon, 21 Jun, 2021 at 7:49 PM

1. To disable inter-VLAN routing between LAN and VLAN2, head to the UniFi Network Controller and go to Settings > Routing & Firewall > Firewall > Rules > LAN IN¹

2. Create a new rule that Drops or Rejects² with the configuration shown below.

Name: to your liking.
Enabled: ON
Rule Applied: before Predefined Rules
Action: Drop or Reject²
Protocol: All
Logging: to your liking
States: all unchecked (assumes all states)
Don't match on IPsec packets
Source Type: Network
Network: LAN - NETv4³
Destination Type: Network
Network: VLAN2 - NETv4

NOTE:

1.LAN IN is where you want to filter all of your LAN/VLAN traffic, as IN is the first point of entry to the firewall, no matter the interface. The OUT ruleset will only be used in rare special cases.

2. "Drop" will completely drop the traffic resulting in a "request timed out" message on the client; "Reject" will send back a connection refused packet to the client.

3. NETv4 includes the entire network, ADDRv4 only includes the USG's interface address for that network (ex 192.168.1.1-192.168.1.254 vs 192.168.1.1)

Did you find it helpful? Yes No

Disable inter-VLAN routing between LAN and VLAN2 Print

Related Articles