Can i block the local access to NSG50?

Hi there,

I use a NSG50, a GS1920-8HP and 2 NAP102.

In the NSG50 i created serveral VLAN's and a VLAN10 for guests (10.10.10.1 with DHCP server from 10.10.10.33-232), i enabled the 'guest'-slide-button in the interface section.
In the AP settings i made a 'guest' SSID with VLAN-ID10 and (did i need to?) enabled the 'guest'-slide-button, so the 'layer-2-isolation' is enabled, and i did enter the MACadress of the NSG50.
So far so good, when i connect to the guest SSID, i can connect to the internet but also can i connect to the nsg's local GUI at 10.10.10.1.
I don't want guest to be able to do this, can i manage to block this IP?
I tried to make an outboud-firewall-rule with source: 10.10.10.0/24 destination: 10.10.10.1 but then i get the error message: INVALID_DST_IP_AND_SRC_IP_DUPLICATE 

Perhaps i am doing it all wrong, what i would like to make is a network with 4 VLAN's, all separated from each other with one guest lan that can only access the internet.
If someone could help me in the right direction, thank you very much.

gr. Bram


 

Best Answer

Answers

  • Hi Chris,

    Thanks for your reaction, i already was afraid it wasn't doable  :)
    Then it also isn't possible to use 2FA for the local login, or disable the local login complete?
    If possible i want guests not to be able to crack the local password in any way.
    grts. Bram!
  • Nebula_ChrisNebula_Chris Zyxel Official Agent Posts: 142  mod
    Hi Bram,
    We'll have the enhancement of this part and the 2FA will be launched on L2TP, I'll private message you about the guest zone case.

    /Chris

  • AlfonsoAlfonso Member Posts: 146  Ally Member

    HI @Nebula_Chris


    When 2FA will be launched on L2TP? It will be launched on IPSEC/L2TP?


    Thanks in advance

  • Nebula_ChrisNebula_Chris Zyxel Official Agent Posts: 142  mod

    Hi @Alfonso

    It's L2TP over IPSec VPN support 2FA feature and it will be launched at this year of December.😄


    Cheers~

  • AlfonsoAlfonso Member Posts: 146  Ally Member

    Thanks @Nebula_Chris

    It sounds great.

    Nebula_Chris
Sign In to comment.