Isolate LANs

system · January 5, 2015, 1:47pm

Hello again

So this is a rather simple question I reckon but I need to be pointed in the right direction.

I have two LANs on two different interfaces. 10.0.0.0/24 and 10.0.1.0/24. Hosts on the first network can reach hosts on the second network. This is expected and working as it should. However if I want to isolate the LANs from being able to talk to each other, how would I go about doing that? Is it by using VLANs or are there other ways to achieve this (like ACL)? I should also mention that the LANs need to be able to access the Internet which is on a third interface on the gateway and available through NAT.

Thanks in advance!

JFL · January 5, 2015, 2:10pm

Hello
this is typically the role of the firewall feature (ACL if you want, but this is more Cisco terminology).

Have a look at the doc :

ftp://ftp.het.net/iso/vyatta/vc6.5/docs/Vyatta-Documentation_6.5R1_v01/Vyatta-Firewall_6.5R1_v01.pdf

system · January 5, 2015, 3:05pm

Thanks, will read up on that later today!