Hi,
Newbie here. I've set up 2 networks LAN1 and IOT. I'm trying to understand how the FW rules work. It's not entirely how I thought they would work. But that's probably just my ignorance. So before asking the stupid questions, please help me understand the following, as I couldn't find that in the documentation:
1. "LAN1 address": Is that the ip address of the LAN1 interface at the FW?
2. "LAN1 network" is that:
a) the ip range for this interface (e.g. 192.168.10.0/24).
b) whatever is networked behind that interface? (If I have a completely different ip addresses behind LAN1, would those addresses be included in the rule as well?)
3. Do I need block rules to disable zone/interface forwarding? Or is zone forwarding blocked by default?
Thanks!
Ceaus
Quote from: Ceaus on May 20, 2020, 09:31:06 PM
1. "LAN1 address": Is that the ip address of the LAN1 interface at the FW?
Yes
Quote from: Ceaus on May 20, 2020, 09:31:06 PM
2. "LAN1 network" is that:
a) the ip range for this interface (e.g. 192.168.10.0/24).
b) whatever is networked behind that interface? (If I have a completely different ip addresses behind LAN1, would those addresses be included in the rule as well?)
yes and no
Quote from: Ceaus on May 20, 2020, 09:31:06 PM
3. Do I need block rules to disable zone/interface forwarding? Or is zone forwarding blocked by default?
Every thing is blocked by default except some stuff OPNsense needs to function like ICMPv6.
Thanks a bunch for your reply. Much appreciated! :)