Somehow I cannot wrap my head around it.
I have a Balance One and six VLANs, of which one is for my trusted traffic, one for guests, and the others for untrusted traffic (cameras and IoT devices). In this setup I am having trouble with inter-VLAN routing. What I want to achieve is that my trusted VLAN can access devices in the IoT VLAN. For the trusted VLAN I have ticked “inter-VLAN routing”, for the IoT I left it unticked.
I expected that in this setup I could already reach the IoT VLAN from my trusted one. But I can’t. I then added an internal routing firewall rule to allow trusted-vlan/24 to iot-vlan/24. But even with that rule it does not work (and that was to be expected, knowing how the default rule is already allowing all).
According to this post, I can achieve this by ticking “inter-VLAN routing” on the IoT VLAN. But I do not want to do that because it would allow untrusted devices to access trusted VLANs. The solution to that is to set the default internal routing firewall rule to deny, but I cannot do that because it would stop my FusionHub from working (see this post).
What’s the solution here?