OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: cardins2u on January 18, 2018, 04:36:07 am

Title: vLAN Traffic - Allow Internet, Block Inter-vLAN Routing
Post by: cardins2u on January 18, 2018, 04:36:07 am

I'm beginning to share my internet with my neighbors.

we have 4 neighbors that we're going to run cat6 cables directly to their house. We live back against a freeway and 4 of our house are connected to each other.

What rules do I need to:
1. Allow Internet Access
2. Block Inter-vLAN routing. (example vLAN10 can access vLAN20, But vLAN20 (guests,neighbor) cannot acess vLAN10.


all help is appreciated. Sharing your rules would help too =)......learning..

Title: Re: vLAN Traffic - Allow Internet, Block Inter-vLAN Routing
Post by: Ciprian on January 18, 2018, 01:42:43 pm

Hi!

I would follow (and adapt, if needed) the guide regarding guest networks (found in the documentation, at https://docs.opnsense.org/manual/how-tos/guestnet.html).

I suggest, since it's about more than one guest net, to make a group of interfaces, containing the guest VLANs you have for your neighbors.

PS I am not quite aware of what your VLANs represent

Quote

example vLAN10 can access vLAN20, But vLAN20 (guests,neighbor) cannot acess vLAN10.

but I wouldn't allow traffic in between neighbors - assuming VLAN 10 is a neighbor's net, and VLAN 20 is another's...