OPNsense Forum

English Forums => General Discussion => Topic started by: Ceaus on May 20, 2020, 09:31:06 pm

Title: FW terminology/concepts
Post by: Ceaus on May 20, 2020, 09:31:06 pm
Hi,

Newbie here. I've set up 2 networks, LAN1 and IOT. I'm trying to understand how the FW rules work. It's not entirely how I thought they would work. But that's probably just my ignorance. So before asking the stupid questions, please help me understand the following, as I couldn't find that in the documentation:

1. "LAN1 address": Is that the IP address of the LAN1 interface at the FW?

2. "LAN1 network" is that:
a) the IP range for this interface (e.g. 192.168.10.0/24).
b) whatever is networked behind that interface? (If I have completely different IP addresses behind LAN1, would those addresses be included in the rule as well?)

3. Do I need block rules to disable zone/interface forwarding? Or is zone forwarding blocked by default?

Thanks!
Ceaus
Title: Re: FW terminology/concepts
Post by: fabian on May 20, 2020, 10:37:12 pm
> 1. "LAN1 address": Is that the IP address of the LAN1 interface at the FW?

Yes

> 2. "LAN1 network" is that:
> a) the IP range for this interface (e.g. 192.168.10.0/24).
> b) whatever is networked behind that interface? (If I have completely different IP addresses behind LAN1, would those addresses be included in the rule as well?)

yes and no

> 3. Do I need block rules to disable zone/interface forwarding? Or is zone forwarding blocked by default?

Everything is blocked by default except some stuff OPNsense needs to function like ICMPv6.
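
The three answers above, modelled in a short Python sketch. This is an added example, not part of the thread and not OPNsense code. The interface addresses, the rule set, and first-match evaluation are assumptions of the model, and the automatic exceptions such as ICMPv6 are left out.

```python
import ipaddress

# Constructed interface addresses; 192.168.10.0/24 is the range from the question.
INTERFACES = {
    "LAN1": ipaddress.ip_interface("192.168.10.1/24"),
    "IOT": ipaddress.ip_interface("192.168.20.1/24"),
}

# Constructed rules per inbound interface: (action, source, destination).
RULES = {
    "LAN1": [
        ("block", "LAN1 network", "IOT network"),
        ("pass", "LAN1 network", "any"),
    ],
    "IOT": [],  # no rules at all: everything arriving here hits the default
}


def resolve(alias):
    """Map 'any', '<IF> address' or '<IF> network' to an ip_network."""
    if alias == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    name, kind = alias.rsplit(" ", 1)
    iface = INTERFACES[name]
    if kind == "address":
        # Only the firewall's own IP on that interface, as a /32.
        return ipaddress.ip_network(f"{iface.ip}/32")
    if kind == "network":
        # The subnet configured on the interface, not whatever is routed behind it.
        return iface.network
    raise ValueError(f"unknown alias: {alias}")


def evaluate(in_iface, src, dst):
    """Return 'pass' or 'block' for a packet arriving on in_iface."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Assumption of this model: the first matching rule decides.
    for action, rule_src, rule_dst in RULES[in_iface]:
        if src in resolve(rule_src) and dst in resolve(rule_dst):
            return action
    return "block"  # nothing matched: default deny


if __name__ == "__main__":
    print(evaluate("LAN1", "192.168.10.50", "8.8.8.8"))  # LAN1 host to the internet
    print(evaluate("LAN1", "10.0.50.7", "8.8.8.8"))      # other range behind LAN1
    print(evaluate("IOT", "192.168.20.5", "192.168.10.50"))  # IOT has no rules
```

A host in a different range behind LAN1 (10.0.50.7 here) does not match "LAN1 network", so it falls through to the default block until a rule names its range explicitly.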
Title: Re: FW terminology/concepts
Post by: Ceaus on May 20, 2020, 11:02:33 pm
Thanks a bunch for your reply. Much appreciated!  :)