Hello,
I have a local network (172.16.10.0/24) and a VLAN8 Network (172.16.8.0/24)
i want to block all traffic to the local LAN, that works fine,
i want to allow traffic vom VLAN8 to public, that works, (it brings the problem, access on all vlans :-( )
but i want to pass traffic to a specific device on the lan network side (MySQL Server, ICMP)
my client can't ping to the localnetwork, fine.
my client can ping to google ( 8.8.8.8 ) fine.
but my client can't ping to the specific device in the LAN..
why my rule not working?
Rules are processed in order. The first match "wins". So you need to move the allow rule for the single server before the block rule for the entire LAN.