Home/Support / Knowledge Base / HOW TO: Block Internet Access for a Specific Ethernet Port on Digi TransPort Routers While allowing

HOW TO: Block Internet Access for a Specific Ethernet Port on Digi TransPort Routers While allowing Local Access to the Router Web Interface


To accomplish this, you will need to put the Ethernet interfaces into Port Isolate mode under Configuration - Ethernet - select the Ethernet interface - Advanced.  When changing from Hub Port mode, you will need to save the changes and reboot the router for the change to take effect.  An unique IP address will need to be assigned  to the desired Ethernet interface.  

The following firewall rules will block internet access (on PPP 1) for devices connected to  Ethernet interface 2:

#Allow client on eth 2 web GUI access only

pass in break end on eth 2 from any to addr-eth 2 port=80 inspect-state

#Block all other traffic on eth 2

block break end on eth 2 from any to any

Replace the PPP and eth interface numbers to accommodate your specific environment.

Last updated: Mar 14, 2019

Filed Under

Cellular/Transport

Recently Viewed

No recently viewed articles