Block internet access for certain IOT devices

Started by puntjuh, April 04, 2025, 03:13:27 PM

April 04, 2025, 03:13:27 PM Last Edit: April 08, 2025, 08:08:40 AM by puntjuh Reason: screenshots not showing
Hi,

I have my OPNsense configured with a number of VLANs, one of them specifically for the purpose of my IoT devices, of which a few should not have access to the internet. So, I made a firewall rule to block internet access as a test for 2 devices; however, one device is blocked while the other continues to have access.

One device is an Amcrest AD110 doorbell; the rule applies to this one. The other is a TADO bridge for the TADO thermostat, which continues to work. I've made a group named Blocked_IOT_Device and under content I've listed both of their IP addresses. Since they have their IP addresses assigned by DHCP, I've made a static mapping for them both so they continue to have the same IP.


I had enabled logging for the rule and I can see both devices are being blocked, yet the TADO remains available via the internet.



I don't necessarily want to block my Tado, but I'm curious as to why the rule isn't working.

Thank you for any help you can provide.

How did you establish that the device is still having access to the Internet?
Do you see entries in the FW live view?
I ask because the FW won't impact established sessions. You'd have to search through FW > Diags > States to delete the existing state.

Another possibility is that the alias is incorrect. Wrong type. Entries not matching type.
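
The point about established sessions in the reply above, as an added example that is not part of the original thread: a shell sketch that finds pf states still held by "blocked" hosts and prints the `pfctl -k` commands that would drop them. The function names, the IP addresses and the sample state lines are constructed; the sample assumes the IPv4 `pfctl -ss` line layout, and on the firewall you would pipe real `pfctl -ss` output in instead.

```shell
#!/bin/sh
# Constructed sample of `pfctl -ss` output (IPv4 only); not taken from the thread.
SAMPLE_STATES='all tcp 203.0.113.7:443 <- 192.168.30.21:51514       ESTABLISHED:ESTABLISHED
all tcp 198.51.100.2:40211 (192.168.30.21:51514) -> 203.0.113.7:443       ESTABLISHED:ESTABLISHED
all udp 192.168.30.1:53 <- 192.168.30.22:40000       SINGLE:MULTIPLE
all tcp 203.0.113.9:443 <- 192.168.30.210:50000       ESTABLISHED:ESTABLISHED'

# states_for IP: print the state lines on stdin that involve exactly this IP.
# Each token has its port stripped and is compared as a whole address, so
# 192.168.30.21 does not also match 192.168.30.210.
states_for() {
    awk -v ip="$1" '
        {
            line = $0
            gsub(/[()]/, " ", line)            # NAT-translated address is in ()
            n = split(line, tok, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                addr = tok[i]
                sub(/:[0-9]+$/, "", addr)      # drop ":port"
                if (addr == ip) { print $0; next }
            }
        }'
}

# kill_commands IP...: for every listed IP that still holds states, print
# (not run) the commands that remove states from the host and to the host.
kill_commands() {
    states=$(cat)
    for ip in "$@"; do
        count=$(printf '%s\n' "$states" | states_for "$ip" | wc -l | tr -d ' ')
        [ "$count" -gt 0 ] || continue
        echo "# $ip: $count state(s) still open"
        echo "pfctl -k $ip"
        echo "pfctl -k 0.0.0.0/0 -k $ip"
    done
}

# Dry run against the constructed sample: .21 has states, .99 has none.
printf '%s\n' "$SAMPLE_STATES" | kill_commands 192.168.30.21 192.168.30.99
```

A block rule that logs hits while the device keeps working is consistent with this picture: new connections are dropped and logged, while traffic on states created before the rule existed keeps flowing until those states expire or are killed.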