FreshTomato Wiki

User Tools

Site Tools

Trace: advanced-vlan advanced-access
advanced-access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
advanced-access [2026/01/08 22:50] – [LAN Access Notes] -Add "and Troubleshooting" to Subhead hogwildadvanced-access [2026/01/08 23:03] (current) – [LAN Access Notes and Troubleshooting] hogwild
Line 40: Line 40:
 ===== LAN Access Notes and Troubleshooting ===== ===== LAN Access Notes and Troubleshooting =====
  
-  * Before version 2025.5, regardless of LAN Access rules, a LANx device is able to reach (e.g. ping) all the router's LAN interfaces (only). This have been changed from version 2025.5 and newer, now the router LAN interfaces can only be reached from within the same subnet, e.g. a device at 192.168.10.10 can only reach the router at its address on the same subnet e.g. 192.168.10.1. +  * On releases r2025.4 and earlier, regardless of LAN Access rules, a LANx device was able to reach (e.g. ping) all the router's LAN interfaces (only). 
-  * All entries in LAN Access are one-way only. For example, if you want hosts on LAN0 to be able to communicate with hosts on LAN1, and vice versa, you'll need two entries in the table to achieve that. + 
-  * LAN Access is an IP-level access control. Therefore, **all ports/protocols are automatically enabled**. If additional fine tuning is needed (for example, you want to allow only allow port 80/TCP) you'll need to manually configure settings instead.+  * On r2025.5 and later: FreshTomato LAN interfaces can only be reached from within the same subnet. Thus, a device at 192.168.10.10 can only reach the router at its address on the same subnet e.g. 192.168.10.1. 
 + 
 +  * All entries in this menu are one-way only. If you want hosts on LAN0 to communicate with hosts on LAN1, and vice versa, you'll need two entries in the table for that. 
 + 
 +  * LAN Access is an IP-level access control. Therefore, **all ports/protocols are automatically enabled**. If additional fine tuning is needed (for example, to allow only allow port 80/TCP) you'll need to manually configure the settings for that.
  
  \\  \\
advanced-access.1767912608.txt.gz · Last modified: by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki