Messages

1

General Discussion / Re: Basic rule for each network

« on: November 07, 2023, 02:15:29 pm »

Hello,

Completely agree with you, testing would be a good idea. Unfortunately for me, all my VLAN are physically connected on a black fiber trunk who is connected to another city.
I have to configure everything before commissioning with no chance of testing.

I'm pretty sure if I create a group with all my interface inside and create a rule with:
Interface  Gr_VLAN
Protocol any
Source GR_VLAN
Destination GR_VLAN
GW default

All VLANs in the group will be allowed all together?
This is not what I want.

I would just like to be sure that I don't need an internal rule to each VLAN that allows network members to join the GW?

Thank's a lot

 

2

General Discussion / Basic rule for each network

« on: November 07, 2023, 11:25:27 am »

Hello Everybody,

I'm configuring a new opnsense with around 40 VLAN each one is assigned on an interface.
To resume, I have around 40 networks.
One of my workmates tell me that I need for each network de following rule:

Example for network vlan ID 100
Interface  VLAN_100
Protocol any
Source VLAN_100
Destination VLAN_100
GW VLAN_100_GW

I really need this rule to be sure that my network 100 can reach it own GW?
Or it's superfluous?

Thank's a lot for your help