Can i block the local access to NSG50?

Hi there,

I use a NSG50, a GS1920-8HP and 2 NAP102.

In the NSG50 i created serveral VLAN's and a VLAN10 for guests (10.10.10.1 with DHCP server from 10.10.10.33-232), i enabled the 'guest'-slide-button in the interface section.
In the AP settings i made a 'guest' SSID with VLAN-ID10 and (did i need to?) enabled the 'guest'-slide-button, so the 'layer-2-isolation' is enabled, and i did enter the MACadress of the NSG50.
So far so good, when i connect to the guest SSID, i can connect to the internet but also can i connect to the nsg's local GUI at 10.10.10.1.
I don't want guest to be able to do this, can i manage to block this IP?
I tried to make an outboud-firewall-rule with source: 10.10.10.0/24 destination: 10.10.10.1 but then i get the error message: INVALID_DST_IP_AND_SRC_IP_DUPLICATE 

Perhaps i am doing it all wrong, what i would like to make is a network with 4 VLAN's, all separated from each other with one guest lan that can only access the internet.
If someone could help me in the right direction, thank you very much.

gr. Bram


 

Best Answer

Answers

Sign In to comment.