"
RFC1918 alias works perfectly, thanks!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
General Discussion / How to allow only Internet access
January 03, 2025, 06:13:00 PM
Hello,
my OpnSense is behind my ISP router. So the OpnSense WAN is actually the ISP router's LAN. (I use the isp router just as modem). In OpnSense I've configured multiple VLANs, where each VLAN has its own subnet.
Now I want to allow all outgoing traffic from VLAN 40 to the internet. Not only http+https, but all the other stuff aswell.
However I don't want to allow this VLAN to connect to other OpnSense networks.
And I'm not sure how I should create such a rule.
I can create a rule "allow from vlan40 to any: any" but this would also allow traffic from vlan40 to eg. vlan20 which I don't want.
I already thought about the following:
Create a "group/alias/whatever" that is destination any, but exclude other opnsense networks from this, like the vlan20.
Is something like this possible? How is it called?
Or what would be the "right" approach for my intention?
Thanks!
my OpnSense is behind my ISP router. So the OpnSense WAN is actually the ISP router's LAN. (I use the isp router just as modem). In OpnSense I've configured multiple VLANs, where each VLAN has its own subnet.
Now I want to allow all outgoing traffic from VLAN 40 to the internet. Not only http+https, but all the other stuff aswell.
However I don't want to allow this VLAN to connect to other OpnSense networks.
And I'm not sure how I should create such a rule.
I can create a rule "allow from vlan40 to any: any" but this would also allow traffic from vlan40 to eg. vlan20 which I don't want.
I already thought about the following:
Create a "group/alias/whatever" that is destination any, but exclude other opnsense networks from this, like the vlan20.
Is something like this possible? How is it called?
Or what would be the "right" approach for my intention?
Thanks!
Pages1
