General Discussion / OPNSense Rules
« on: October 13, 2020, 01:01:13 am »
Hello all, I'm a retired IT worker, upgrading from a Smoothwall 3.1 Express install that I've been using about 10 years. I was a programmer and I'm 69 years old, so it might take me a little longer to get this right than some of you pros! Anyway, I'm using three interfaces, with one for my desktops and NAS and one for my wireless, phone, cameras, and other devices. I've attached a screenshot of my OPT interface firewall rules. My philosophy with my Smoothwall was to allow only what I need and reject everything else. One of my devices is an IP Phone, and I've found on my Smoothwall it worked best when set to an always-allowed device. I've tried to do that with my OPNSense rules with the two you'll see in the screenshot for 192.168.1.100. The rules as they are work fine. However, when I disable the "In" rule for 192.168.2.100 I disable my Internet connection on this subnet. So, clearly the rule must not be doing what I'm expecting it to, and my rules above which allow Internet must not be working either. My best guess is that DNS is not working on this subnet, and somehow my "in" rule is enabling it. Can someone offer me a suggestion? Thanks so much.