I have a Surf Soho and want to start using VLANs. Ideally I would have VLAN 20 (say computer) be more secure than VLAN 10 (say printer). That is, I want devices on VLAN 20 to be able to talk to devices on VLAN 10, but devices on VLAN 10 can not INITIATE communications with devices on VLAN 20. If I block all 10 -> 20 packets, then two-way communications initiated by VLAN 20 are blocked. I would like to use the Surf’s firewall for stateful packet filtering.
But I can’t figure out how to configure the Surf to allow this. Is there any way?