TVX
@sbcglobal.net

Anon

Device conflict on network, how to set firewall/policy rules?

ZyWall USG 50

I have two devices on the same LAN (LAN1) that are conflicting with each other (one I believe has a bad network card driver, the other is sending nonstandard device discovery type traffic). They're legacy devices so not much chance of any of that being fixed.

I can't figure out how to set up rules that will allow those devices to remain on the network so other machines can access them, but at the same time not send each other traffic. I want the ZyWall to drop the traffic between those devices.

I set them up as objects by address (static IPs), and they're on separate physical segments of the network so traffic is going through the ZyWall, but no matter what firewall rules or policy rules I've tried, they can still send traffic to each other.

I also tried setting up tests between Windows machines on the LAN, also on different physical segments, blocking Ping traffic (and tried blocking all traffic) but the same thing happens - the firewall rules don't appear to be doing anything.

I'm missing something but I don't have any idea how to proceed. Either the firewall won't do what I'm wanting it to do or I'm missing other settings, or it just isn't possible.

Any help will be appreciated, Thanks.

janderso1
Jim
MVM
join:2000-04-15
Saint Petersburg, FL

If both devices are on the same subnet the Zywall can see what they send but can’t block it. If you connect one of them to a different port and subnet (DMZ or LAN2) then you can use the Zywall firewall rules to allow/block based on IP address.

How did you set up “different physical segments”?
Post a diagram of your network if you can.
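
The point made in the reply above, as an added example that is not part of the original thread: an IP-based block rule can only take effect when source and destination sit in different subnets, because hosts in the same subnet deliver to each other directly instead of sending through the router. The interface subnets, addresses and object names below are constructed for illustration.

```python
import ipaddress

# Constructed sample data: interface subnets on a routing firewall (assumed values).
INTERFACES = {
    "LAN1": ipaddress.ip_network("192.168.1.0/24"),
    "LAN2": ipaddress.ip_network("192.168.2.0/24"),
    "DMZ": ipaddress.ip_network("192.168.3.0/24"),
}

# Constructed address objects and block rules (hypothetical names).
OBJECTS = {
    "legacy_a": "192.168.1.50",
    "legacy_b": "192.168.1.60",
    "legacy_b_moved": "192.168.2.60",
}
RULES = [("legacy_a", "legacy_b"), ("legacy_a", "legacy_b_moved")]


def zone_of(ip, interfaces=INTERFACES):
    """Return the interface whose subnet contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, net in interfaces.items():
        if addr in net:
            return name
    return None


def audit_rule(src, dst, objects=OBJECTS):
    """Classify a block rule by whether the traffic is routed by the firewall."""
    src_zone, dst_zone = zone_of(objects[src]), zone_of(objects[dst])
    if src_zone is None or dst_zone is None:
        return "unknown: address outside every configured subnet"
    if src_zone == dst_zone:
        # Same subnet: hosts ARP for each other and deliver directly,
        # so an IP-based rule on the router has nothing to act on.
        return f"ineffective: both in {src_zone}, traffic is not routed"
    return f"enforceable: {src_zone} -> {dst_zone} is routed"


def audit(rules=RULES):
    return {(s, d): audit_rule(s, d) for s, d in rules}


if __name__ == "__main__":
    for (s, d), verdict in audit().items():
        print(f"{s} -> {d}: {verdict}")
```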