OPNsense Forum
Archive => 20.7 Legacy Series => Topic started by: dcol on September 29, 2020, 08:14:29 pm
-
I have a basic default setup with two LAN interfaces and one WAN gateway. Everything works fine, except LAN1 can ping and get to shares on LAN2 and vice versa. I do not want the LAN's to have any connection between them.
I have NAT outbound set from each subnet going to the same NAT address, which is the WAN IP address. I assume this is where the connection is since no LAN block rule works.
How do I block the subnets?
-
This is interesting, I have the opposite. Lan1 routes to wan and works as you would expect. The opt1 interface can route route but does not have any ability to see lan1. The firewall is set to default on both networks lan1 and opt1, only difference opt1 base a gateway definition to wan. Not sure how this happened since I did a fresh install 20.7.1 and upgraded to 20.7.3 before I started working configurations.
-
I set up a firewall rule for the LAN2 connection so it can talk to anything BUT the LAN1 connection. Screen shot enclosed.
I assume you can also create a firewall rule on LAN1 so it can't talk to LAN2.