Hiya,

I've setup two port based VLANs on a 2860. LAN1 has my office machines, while LAN2 (plugged into a specific port on the router) only has a web server.

I'd like to setup routing from LAN2 Webserver > LAN1 Database, and nothing else.

I'm assuming I need to setup "interLAN routing" and then configure a rule to block all from LAN2 to LAN1 except for a couple of ports between the two services?

Has anyone got a working example (screen shots) that would save me a lot of trial and error?

- or - have I got this totally wrong and life isn't that simple?

Chat soon.

You setup 'interLAN routing' between the two lans.

Then using firewall filters, you will setup the necessary rules to allow access between the devices on the two different network. Last rule will be to block all traffic between the two networks, in both directions.

https://www.draytek.co.uk/support/guides/kb-ipfilter-allowing-inbound-traffic