Firewall / VLAN Restriction

This section of the configuration focuses on controlling inbound traffic. From a network administration perspective, inbound rules can be set up to restrict access to critical devices, such as routers and switches, based on specific LAN devices. This approach helps prevent unauthorized access by LAN users, ensuring they cannot make changes that could disrupt internet access for the entire network.

Below is an example of how this can achieved.

Inbound Interface: This would be the LAN interface from which the switch/LAN users would be coming.

Outbound Interface: This would be the WAN/Router interface

In this case, 10.250.251.1 is the Router directly connected to the WAN interface, ether1.

This rule will block access to the router from devices that are coming from the LAN/192.168.1.0/24.

The devices on the LAN will continue to have access to other network resources and internet access but will not have access to the router that’s on the WAN interface.

This section deals with allowing access to LAN devices, such as a server via Remote Desktop.

For the changes to take effect, the unit needs to be reloaded under “System Commands”.

The port forward rule below will allow one to access the server remotely via the public IP address or DynDNS address and the port number: 3391 appended to the end of the address.

The networking has the option to allow traffic to traverse from one VLAN to another.

In the configuration below, VLAN 2 traffic can reach VLAN 50, but cannot reach VLAN 99. VLAN 50 can reach VLAN 2 and VLAN 99, and lastly, VLAN 99 cannot reach VLAN 2 but can traverse to VLAN 50.

This section of the configuration gives the network administrator block access to the iShield depending on the location, the iShield determines the user's location by checking the user's internet IP address. As seen below, users coming from the countries in RED will be blocked and only those in GREEN will be allowed.

To add a country(s) to the Block list, the administrator simply needs to hover over the respective country and click on it, then click on Save changes, and lastly, reload the unit for the changes to take effect.