Isolate VLAN from routes learned from SpeedFusion VPN


#1

I have a Max HD4 running 6.2.2. I created a new VLAN and I’m trying to isolate it from the default VLAN and not allow it to pass traffic to any of the subnets learned via the SpeedFusion VPN. So essentially I want any systems on this new VLAN to simply have dirty Internet access, only go out the default route. So a few questions:

  1. While I created the new VLAN successfully, it’s not clear to me how to associate a specific LAN port with that new VLAN.

  2. Once that new port(s) are on the new VLAN, can I prevent that subnet/vlan from communicating with any routes learned via the SpeedFusion VPN and simply force them out their default gateway?

Any insight/help appreciated. Thanks.

Steve


#2

Hi Steve,

Port based Vlan is supported in v6.3. You may try v6.3RC here.

  1. While I created the new VLAN successfully, it’s not clear to me how to associate a specific LAN port with that new VLAN.

Please find the screen shot below:-


  2. Once that new port(s) are on the new VLAN, can I prevent that subnet/vlan from communicating with any routes learned via the SpeedFusion VPN and simply force them out their default gateway?

Just take example below:-
Local Untag Vlan - 192.168.1.0/24
Local Vlan 2 - 192.168.2.0/24
Remote SpeedFusion peer subnet - 192.168.3.0/24

  1. Disable Inter-Vlan Routing on Vlan 2 on HD4.
  • Network > Network Settings > Select Vlan 2 > Network Settings > Inter-VLAN routing = Uncheck
  2. Create Internal Firewall Rules below on HD4:-

  • Protocol - Any
  • Source IP & Port - 192.168.2.0/24
  • Destination IP & Port - 192.168.3.0/24
  • Action - Deny

  • Protocol - Any
  • Source IP & Port - 192.168.3.0/24
  • Destination IP & Port - 192.168.2.0/24
  • Action - Deny

Hope this helps.
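
A way to sanity-check the rule set from the reply above before relying on it, as an added example that is not part of the original thread or Peplink's own tooling. It assumes first-match rule evaluation with a default of allow (a modelling assumption, not taken from Peplink documentation); the host addresses are constructed, and 203.0.113.10 stands in for an Internet host.

```python
import ipaddress

# Subnets from the reply above
UNTAGGED_LAN = ipaddress.ip_network("192.168.1.0/24")
VLAN2 = ipaddress.ip_network("192.168.2.0/24")
SF_PEER = ipaddress.ip_network("192.168.3.0/24")

# The two internal firewall rules from the reply (protocol Any): (source, destination, action)
RULES = [(VLAN2, SF_PEER, "deny"), (SF_PEER, VLAN2, "deny")]
DEFAULT_ACTION = "allow"  # assumption: anything not matched by a rule is allowed

# Constructed test flows. MUST_ALLOW assumes the default VLAN keeps its VPN access.
MUST_DENY = [
    ("192.168.2.10", "192.168.3.20"),  # VLAN 2 -> SpeedFusion peer subnet
    ("192.168.3.20", "192.168.2.10"),  # SpeedFusion peer subnet -> VLAN 2
    ("192.168.2.10", "192.168.1.5"),   # VLAN 2 -> untagged LAN
]
MUST_ALLOW = [
    ("192.168.2.10", "203.0.113.10"),  # VLAN 2 -> Internet via default route
    ("192.168.1.5", "192.168.3.20"),   # untagged LAN -> SpeedFusion peer subnet
]

def evaluate(src, dst, rules=RULES, inter_vlan_routing=False):
    """Return 'allow' or 'deny' for one flow under the modelled configuration."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Step 1 of the reply: Inter-VLAN routing unchecked on VLAN 2
    if not inter_vlan_routing:
        if (s in VLAN2 and d in UNTAGGED_LAN) or (s in UNTAGGED_LAN and d in VLAN2):
            return "deny"
    # Step 2 of the reply: internal firewall rules, first match wins (assumption)
    for rule_src, rule_dst, action in rules:
        if s in rule_src and d in rule_dst:
            return action
    return DEFAULT_ACTION

def audit(rules=RULES, inter_vlan_routing=False):
    """List flows whose outcome differs from the isolation goal."""
    problems = []
    for src, dst in MUST_DENY:
        if evaluate(src, dst, rules, inter_vlan_routing) != "deny":
            problems.append((src, dst, "leak"))
    for src, dst in MUST_ALLOW:
        if evaluate(src, dst, rules, inter_vlan_routing) != "allow":
            problems.append((src, dst, "blocked"))
    return problems

if __name__ == "__main__":
    print("full config:", audit())
    print("only first rule:", audit(RULES[:1]))
    print("inter-VLAN routing left on:", audit(inter_vlan_routing=True))
```

Dropping the second rule or leaving Inter-VLAN routing checked each shows up as a reported leak, which is why the reply lists both directions and both steps.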


#3

Got it. So far so good. Thanks.

Steve