EdgeRouterX Question

4 posts / 0 new

Thu, 12/13/2018 - 12:44

AC0WN

I have an EdgeRouterX configured as a switch with Mesh Node A on eth0 and LAN (10) on eth1-eth4. Is there a way I can "disable default route" on just eth4?

I'd like to put a wireless AP on eth4 that allows access to the mesh LAN but NOT allow access to WAN (internet).

Any and all suggestions will be greatly appreciated as I'm a bit new to the finer points of network management and losing hair at an alarming rate.

Many thanks,
julie /ac0wn

Thu, 12/13/2018 - 22:10

AE6XE

ACOWN, the edgerouter

ACOWN, the edgerouter probably has this ability. Generally, as just a level 2 vlan smart switch, it is configured to give all the data packets to the mesh node. It's the mesh node that then decides if to route the data packets to the WAN, and can not distinguish if a given device is on a particular lan port of the EdgeRouterX.

The EdgeRouterX is baed on a linux kernel. As such it would have the ability to create custom firewall rules to look at the IP addresses and deny traffic on a given port from being passed on. You'd basically have to add a firewall rule in the EdgeRouterX OS that passes mesh 10.x.x.x and some 172.16.x.x addresses for tunnels, but blocks everything else (the default or unknown mesh addresses). This would need some advanced understanding of iptables and EdgeRouterX OS to figure out.

Joe AE6XE

Fri, 12/14/2018 - 19:50

AC0WN

Right on, Joe

Thank you for your comments Joe. You hit the nail on the head. I need someone with advanced understanding of iptables, EdgerouterX OS, policy routing, and firewall rules to help me figure out how to do this little trick. :)

julie /ac0wn

Sat, 12/15/2018 - 10:51

AE6XE

Sorry, I don't have one to

Sorry, I don't have one to inspect.

Joe AE6XE

Amateur Radio Emergency Data Network

Menu SF

You are here

EdgeRouterX Question

Amateur Radio Emergency Data Network

Search form

Menu SF

You are here

EdgeRouterX Question