Posted: Tue May 22, 2012 5:00
Post subject: deny access from VLAN to router HTTP port (deny admin'ing)
I have a Virtual WLAN on my Asus WL500W running DD-WRT v24-sp2 (08/07/10) mega build 14896.
The problem is my virtual WLAN can access my router's admin interface on the HTTP(s) port on both the physical interface and the virtual one. I have the following set up to deny physical to virtual "cross-talk":
Physical interface is: br0 192.168.1.1/255.255.255.0
Virtual Interface is: br1 10.10.10.1/255.0.0.0
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP
iptables -I FORWARD -i br0 -o br1 -m state --state NEW -j DROP
How is the virtual interface still able to talk to the physical interface and how can I stop the virtual interface from accessing the HTTP(s) port on the router? (the admin control panel of the router)
Thank you in advance
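
Added example, not part of the original post: traffic addressed to any of the router's own addresses (10.10.10.1 or 192.168.1.1) is delivered locally and passes through the INPUT chain, not FORWARD, so the FORWARD rules above never see it. The sketch below inserts INPUT drops for TCP arriving on br1; the function name `block_admin`, the `IPT` override and ports 80 and 443 are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post).
# A packet addressed to any of the router's own IPs, 10.10.10.1 or 192.168.1.1,
# is delivered locally and traverses INPUT. FORWARD only sees packets routed
# through the router to another host, so the br1<->br0 FORWARD drops never match.

IPT="${IPT:-iptables}"   # set IPT=echo to preview the rules without applying them

# block_admin IFACE PORT...
# Drop TCP from IFACE to the given ports on the router itself (any local address).
block_admin() {
    [ "$#" -ge 2 ] || { echo "usage: block_admin IFACE PORT..." >&2; return 2; }
    iface="$1"; shift

    # Validate every port before touching the ruleset, so a typo cannot
    # leave a half-applied configuration.
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2; return 1
        fi
    done

    for port in "$@"; do
        # -I puts the rule ahead of any existing ACCEPT for the web interface.
        "$IPT" -I INPUT -i "$iface" -p tcp --dport "$port" -j DROP || return 1
    done
}

# Assumed ports: 80 (HTTP) and 443 (HTTPS); adjust if the GUI listens elsewhere.
if [ "${1:-}" = "--apply" ]; then
    block_admin br1 80 443
fi
```

Because the rules match on the input interface and not on a destination address, they cover both router addresses at once; DHCP and DNS for br1 clients are unaffected since only the listed TCP ports are dropped.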