OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: sirio81 on April 09, 2018, 04:17:38 pm
-
Hi All, I have an OPNsense 18.1 with 3 NICs.
The first NIC (re0) has 3 VLANs assigned.
The other 2 NICs (re1 and re2) are WAN interfaces used in a WAN group for multi-WAN.
On every VLAN interface I have to add a rule to allow DNS queries on OPNsense, as described in the documentation (https://wiki.opnsense.org/manual/how-tos/multiwan.html#step-5-add-allow-rule-for-dns-traffic).
I wonder if there's a way to set a single floating rule for that.
I don't think it's possible because I have to set a specific IP in the 'Destination' field and that IP is different for every VLAN (e.g.: 192.168.3.1; 192.168.4.1; 192.168.5.1).
But you may surprise me with something I don't know :-)
-
You can use one host(s) alias and add all these IPs. Then use the alias for your fw rules.
-
I use a floating rule to allow DNS queries on multiple inside interfaces. I pick the interfaces I want, set direction to in, and then just use the built-in "This Firewall" alias as the destination.
http://prntscr.com/j2yjoa
-
And the alias contains all the interfaces' IP addresses I guess, right?
-
It can contain whatever IP addresses you want to use and also FQDNs which will get resolved periodically (every 1 min if I'm not mistaken). You can type in any of these two and as many as you need :)