Messages - kdackiw

#1
I believe that this may be solved.

If the default LAN pass rule is set to "default" gateway then it seems to implicitly allow LAN-LAN traffic.
It appears that in this setup, my internal DNS server is accessible.

If I modify the default LAN pass rule and explicitly set the gateway to my ISP, then I must add a LAN-LAN pass rule above this rule as it seems suddenly LAN traffic is not allowed.

Is this by design or an oversight?  It's not a bad thing to have the LAN-LAN rule but shouldn't it be there by default from the initial setup?

Kev.

#2
Hi all.  Coming over from pf and setting up again.

I typically run VPN connections whilst maintaining my standard ISP gateway.  I typically sort things out with policy routing.

The standard firewall rule on the LAN to route to the default gateway is all fine and works as expected.
When I manually change the gateway to forcibly be the WAN_DHCP (the correct IP also shows in the pulldown) then nothing routes out.

I also have the WAN_DHCP gateway set to default as well explicitly.

I have also looked at the NAT and don't see any issues there either.

I can't see this being a bug so I am doing something wrong and not picking it up.

Help?  TY.

Kev.