Disable traffic between vlan

RJ-45 · February 22, 2016, 6:04pm

Hello!

It is necessary to prohibit the traffic between the vlan on the router (VyOS). I make a right, but it does not filter …

set firewall name VL101 default-action accept
set firewall name VL101 rule 1 source address 192.168.101.0/24 (IP VLAN 102)
set firewall name VL101 rule 1 action drop
set firewall name VL101 rule 2 source address 192.168.102.0/24 (IP VLAN 103)
set firewall name VL101 rule 2 action drop

Appointed vlan rule:

set interfaces ethernet eth5 vif 101 firewall out name VL101

Well, is not working, still with 101 ping vlan grid with neighboring vlan.

What can be wrong ?

RJ-45 · February 23, 2016, 4:31am

Hello!
Network accessible via the internet, on the NAT router is configured, each network an external IP. If you disable the Uplink port on the router to disable the Internet. Networks in vlan not ping. How to solve a problem. It is necessary that the network does not ping each other. In order to eliminate the parasitic traffic.

ArneO · February 29, 2016, 3:10pm

Perhaps you could make a drawing of your network and post your configuration.
Then describe your testcase precise.

Someone may be able to help you if your questions are more easy to understand.