Print Page - Not able to ping to another VLAN even though my firewall rules allow it

Title: Not able to ping to another VLAN even though my firewall rules allow it
Post by: warheat1990 on January 09, 2022, 09:43:06 AM

192.168.20.21 is my CUPS print server
192.168.0.7 is my printer

I've created this rule

https://i.imgur.com/blKecpq.png

But I'm not able to connect to 192.168.0.7 from 192.168.20.21, if I remove the RFC1918, it works but I don't want subnet 192.168.20.x to be able to connect to other VLAN expect the one I specify.

What am I missing in the firewall rule?

Title: Re: Not able to ping to another VLAN even though my firewall rules allow it
Post by: marjohn56 on January 09, 2022, 11:25:43 AM

Remove the RFC rule and specifically block the net you want is my suggestion. Here's my IoT VLAN rules. Specific rules allow or deny specific devices between my primary VLAN and my IoT VLAN. My Primary LAN can access anything on the IoT VLAN, but not the other way around.
(https://i.ibb.co/257DwpV/rules.png) (https://ibb.co/b7gSxGw)

and the Primary VLAN rules
(https://i.ibb.co/4TYdGvm/Pri-rules.png) (https://ibb.co/1qd65yv)

Note that some of the rules are there really as a reminder for me, and won't ever be triggered.

OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: warheat1990 on January 09, 2022, 09:43:06 AM