Messages

1

General Discussion / Re: wrong setup do not segmentation on vlans

« on: October 25, 2021, 03:19:02 pm »

I resolved it with the rules you have cited, now I use these rules:
VLAN1

• allow all traffic incoming from vlan control [vlan10]
• block all traffic from others vlans [ ! vlan1]
• allow all traffic incoming [to wan and beyond]

it works how i think it shuld be; thx

2

General Discussion / wrong setup do not segmentation on vlans

« on: October 22, 2021, 05:51:24 pm »

Hi, i have a wrong setup because I do not have a segmentation on the vlans; i tried to add rules to blocks all traffic from others vlans and leave only the possibility to exit on the wan; but these rules never applied, and this default rule "let out anything from firewall host itself" is activated instead.
here a simple draw of the network:
https://ibb.co/3hngxpY
here the log on the activation rule:

Code: [Select]

vlan_SERVICE Oct 22 17:22:38 10.10.0.253 10.40.0.253 icmp let out anything from firewall host itselfthe ping commnad i execute on a host on other vlan and I expected it to fail.
what settings should i see to restore vlan traffic isolation?

3

General Discussion / Simple question on gateway

« on: July 03, 2021, 07:33:22 pm »

Hi, I am new on opnsense and I try to create a simple setup like this image
In this scenario i want to go out with LAN1 towards WAN1, and for this i create a Gateway with IP 192.168.10.1 relaunch pkgs towards default GW of WAN1, and relative rules on firewall to permit all traffic in and out, but this not work, i need something else? like loopback or virtualIP? Or I just wrong with my setup?
Sorry but i can not find some tutorial for that simple things. thx