Messages - luk4s

#2
Thanks to everyone for the explanation.  :)
#3
Yes, I understand that the "default" behavior is deny all. I just need clarification on where to put the rules to allow access.
cookiemonster said on VLAN30, you on VLAN10, that's my point. Which method is the correct one?
#4
Hi,

I need clarification about rules applied to interfaces. On my OPNsense box I have many VLAN networks.
Let's say there are VLAN10 (10.0.10.0/24) - internal desktops, VLAN20 (10.0.20.0/24) - printers and VLAN30 (10.0.30.0/24) - internal servers. I would like the internal servers to be accessed only from VLAN10. Where should I put rules to protect access to servers, on VLAN10 or VLAN30 interface?
e.g.
on interface VLAN10:

1)
action: pass
proto: IPv4
source: *
destination: SRV01 (10.0.30.2)
port: 80
2)
action: pass
proto: IPv4
source: *
destination: SRV02 (10.0.30.3)
port: 22


etc.

OR

on interface VLAN30:

1)
action: pass
proto: IPv4
source: VLAN10 net (10.0.10.0/24)
destination: SRV01 (10.0.30.2)
port: 80
2)
action: pass
proto: IPv4
source: VLAN10 net (10.0.10.0/24)
destination: SRV02 (10.0.30.3)
port: 22