My home network consists of an OpenWRT router with two VLANs:
- VLAN 01 (192.168.1.1/24): Desktops, unRaid NAS, Radarr, Sonarr, Tautulli, etc
- VLAN 02 (192.168.2.1/24): Plex and Overseerr
My use case is Plex/Overseer are exposed to the Internet so I want to isolate them as much as possible from VLAN 01.
Overseerr needs to talk to Radarr/Sonarr and Tautulli needs to talk to Plex. On the OpenWRT firewall rules I have only allowed access from the Overseerr IP to the Radarr/Sonarr IP over the Radarr and Sonarr ports. All other traffic from VLAN 02 to VLAN 01 is set to “drop”.
Anything sensitive is on VLAN 01, so I am allowing all traffic from VLAN 01 to VLAN 02. Is this generally considered “OK” or should I lock down traffic from VLAN 01 to VLAN 02 to just the IPs and ports needed for Tautulli communication to Plex?
Thanks
You must log in or register to comment.