20.7 Legacy Series / [Solved] Blocking a LAN device from WAN, device can still connect to WAN network
« on: July 24, 2020, 06:08:42 pm »
Hi all
So I have read this: https://forum.opnsense.org/index.php?topic=6471.0 along with a few other threads, but I must have something wrong in my config.
I have a single cheap Chinese camera (Reolink) which I want to block from WAN. I am only connecting to it via LAN, and figured the easiest way to stop the Chinese cloud would be just to block it from accessing the WAN altogether.
What I have done:
1. Set up camera using app, static IP, enforced with MAC via OPNsense
2. Make an alias with just that IP in OPNsense
3. Disconnect my phone from wifi, thus requiring a cloud connection - I can connect to the camera as expected
4. Add firewall rule blocking anything from that alias to WAN net
5. Try to connect to the camera again via app - it still connects, expected behavior is that it should not
My rule is in: Firewall > Rules > LAN
Attached are screenshots of my config.
What am I doing wrong?
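Added example, not part of the original post: a minimal first-match rule evaluator comparing a block rule whose destination is "WAN net" (in OPNsense, the subnet of the WAN interface, not the internet) with one whose destination is "not LAN net". All addresses, the rule tuples and the default allow-LAN-to-any rule below are constructed assumptions.

```python
import ipaddress

# Constructed sample addressing (documentation ranges), not from the original post.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
WAN_NET = ipaddress.ip_network("203.0.113.0/24")    # subnet of the WAN interface only
CAMERA_ALIAS = ipaddress.ip_network("192.168.1.50/32")  # single-host alias
ANY = ipaddress.ip_network("0.0.0.0/0")

CAMERA = "192.168.1.50"
PHONE_ON_LAN = "192.168.1.20"
WAN_GATEWAY = "203.0.113.1"      # a host inside the WAN subnet
CLOUD_HOST = "198.51.100.20"     # a host on the internet, outside the WAN subnet

def evaluate(rules, src, dst):
    """Return the action of the first matching rule (rules on the LAN tab, top down)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rule_src, rule_dst, invert_dst in rules:
        dst_match = (dst in rule_dst) != invert_dst  # invert_dst models "!" on destination
        if src in rule_src and dst_match:
            return action
    return "block"  # nothing matched: implicit default deny

# Rule set as described in step 4, followed by an assumed allow-LAN-to-any rule.
AS_DESCRIBED = [
    ("block", CAMERA_ALIAS, WAN_NET, False),
    ("pass", LAN_NET, ANY, False),
]

# Alternative: block the camera to every destination that is not the LAN.
NOT_LAN = [
    ("block", CAMERA_ALIAS, LAN_NET, True),
    ("pass", LAN_NET, ANY, False),
]

if __name__ == "__main__":
    for name, rules in (("WAN net", AS_DESCRIBED), ("!LAN net", NOT_LAN)):
        for dst in (WAN_GATEWAY, CLOUD_HOST, PHONE_ON_LAN):
            print(f"{name:9} camera -> {dst:15} {evaluate(rules, CAMERA, dst)}")
```

A block rule only affects new connections; states that were established before the rule was added keep passing traffic until they expire or are reset.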

