General Discussion / Pass firewall rule allowing extra access
« on: June 19, 2022, 07:03:50 pm »
Hello – I’m admittedly a bit of a rookie and after much forum reading am stumped by a firewall rule meant to isolate one of my VLANs.
Setup: router on a stick with 3 VLANs/interfaces set up on switch (WAN, LAN, IPCAM)
Desired Behavior: I want to isolate IPCAM, blocking internet access and blocking access from any other device on the network except one IP (192.168.1.24)
I have the following two rules set up:

Action: Pass
Direction: out
Source: 192.168.1.24/1
Destination: IPCAM net

Action: Block
Direction: out
Source: VLAN net
Destination: IPCAM net

Instead of the desired behavior where I’m allowed access to one of the IP addresses on IPCAM only from 192.168.1.24, I’m allowed access from any IP on my VLAN and logs state that it's that first rule allowing it. Any help or push in the right direction would be greatly appreciated!
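
To check what the Source field of the first rule matches exactly as written in the post, the two rules can be evaluated offline against a few sample hosts. This is an added example, not part of the original post; the subnets `192.168.1.0/24` (VLAN net) and `192.168.30.0/24` (IPCAM net), the sample host addresses, first-match rule ordering and the default deny are all assumptions.

```python
import ipaddress

# Assumed addressing (not stated in the post): the poster's VLAN is
# 192.168.1.0/24 and IPCAM net is 192.168.30.0/24.
VLAN_NET = "192.168.1.0/24"
IPCAM_NET = "192.168.30.0/24"

def net(spec):
    # strict=False accepts an address with host bits set, e.g. "192.168.1.24/1",
    # and masks it down to the network the prefix length really describes.
    return ipaddress.ip_network(spec, strict=False)

def evaluate(rules, src, dst):
    """First-match evaluation (assumed). Returns (action, matching rule number)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, rsrc, rdst) in enumerate(rules, start=1):
        if s in net(rsrc) and d in net(rdst):
            return action, i
    return "block", None  # assumed default deny when nothing matches

def rules_with_source(source_spec):
    # The two rules from the post, with rule 1's Source field as a parameter.
    return [
        ("pass", source_spec, IPCAM_NET),
        ("block", VLAN_NET, IPCAM_NET),
    ]

def audit(source_spec, camera="192.168.30.10"):
    """Map each sample VLAN host to the verdict it gets towards the camera."""
    rules = rules_with_source(source_spec)
    hosts = ["192.168.1.24", "192.168.1.50", "192.168.1.200"]  # constructed samples
    return {h: evaluate(rules, h, camera) for h in hosts}

if __name__ == "__main__":
    for spec in ("192.168.1.24/1", "192.168.1.24/32"):
        n = net(spec)
        print(f"{spec} covers {n.network_address} - {n.broadcast_address}")
        for host, (action, idx) in audit(spec).items():
            print(f"  {host}: {action} (rule {idx})")
```

With a prefix length of 1 the Source field covers 128.0.0.0 through 255.255.255.255, so every sample host is passed by rule 1; with /32 only 192.168.1.24 is passed and the others fall through to the block rule.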