Question, I am looking to setup the firewall rules on the AP to help protect the internal network from the outside cameras. The setup is below:
AP - 192.168.6.29
GW is 192.168.6.30
--SM 1 192.168.6.23
--Camera 192.168.6.25
--Camera 192.168.6.26
--SM 2 192.168.6.14
--Camera 192.168.6.16
--Camera 192.168.6.17
So far I have the flowing rules:
fromInternal-Lan Accept LAN SRC IP192.168.1.0/255.255.255.0 DestIP 192.168.6.0/255.255.255.224
fromInternal-Wifi Accept WLAN SRC IP192.168.1.0/255.255.255.0 DestIP 192.168.6.0/255.255.255.224
fromControler Accept LAN SCV IP192.168.6.29/255.255.255.255 DestIP 192.168.1.0/255.255.255.0
Deny-Wifi Deny WLAN
Deny-Lan Deny LAN
I need traffic requests to source from the LAN side (192.168.1.X) to the AP then to the cameras at the sites. The cameras will stream video back to the 192.168.1.x network as well as get NTP from 192.168.6.30 and of course maintain management of the AP and Subscriber moduels. Do I need to add an explicit entry for each device out on the network or is there a cleaner way to do it? Do I also need the explicit deny deny at the end?
Thank you Josh