Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - 19wolf

Pages1
#1
General Discussion / Re: Block OPT->LAN but allow LAN->OPT?
July 29, 2018, 09:45:35 PM
Okay so I think it is working as expected, but I cannot connect to one particular host (192.168.2.2) on OPT1 from LAN, (even on the opnsense router itself). I can connect to it (it's a virtual lxd container), and see that it has an internet connection. I can connect to it from another device on OPT1, but even with all the firewall rules set back to default, I can't access it.

OPT1 192.168.2.1 -> OPT1 192.168.2.2 works
OPT1 192.168.2.1 -> LAN 192.168.1.3 works
OPT1 192.168.2.2 -> OPT1 192.168.2.1 works
OPT1 192.168.2.2 -> LAN 192.168.1.3 fails
LAN 192.168.1.3 -> OPT1 192.168.2.1 works
LAN 192.168.1.3 -> OPT1 192.168.2.2 fails
#2
General Discussion / Can't access specific device on OPT1 from LAN -- EDITED see first 'reply'
July 29, 2018, 08:31:36 PM
I'm trying to figure this out. I'm new to OPNsense (in a VM) coming from Shibby Tomato (on my now AP). I set up a rule on OPT1 Interface as follows:

Block - Source:OPT1 Net - Dest:LAN Net

But now they can't communicate at all. My goal to access services on OPT1 but keep LAN safe if OPT1 becomes compromised. I assume this is possible?
Pages1