Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
New to Opnsense, trouble with firewall rules
« previous
next »
Print
Pages: [
1
]
Author
Topic: New to Opnsense, trouble with firewall rules (Read 1430 times)
xtacie
Newbie
Posts: 4
Karma: 0
New to Opnsense, trouble with firewall rules
«
on:
April 26, 2022, 08:50:54 pm »
I would greatly appreciate help and thank yous in advanced. I have a small network and for the most part everything is working fine but one issue I keep having. I didnt want to setup vlans and trying something I thought was easy...
igb0 - LAN (24 port managed switch)
igb1 - WAN
igb2 - WLAN - Engenius ECB600 Access Point (Strictly for IoT devices)
I have tried to create rules on the LAN side to block inbound all from WLAN net and also on WLAN to block all outbound any to LAN net but Im still able to ping a computer on LAN from WLAN and visa versa. What am I doing wrong here?? I have the default rules installed and also tried moving the block policy to the top of the chain with no luck
UPDATE: I have tried using floating rules to block any in on LAN from WLAN and no luck. Tried the quick option and without.
«
Last Edit: April 26, 2022, 09:43:31 pm by xtacie
»
Logged
EdwinKM
Full Member
Posts: 155
Karma: 5
Re: New to Opnsense, trouble with firewall rules
«
Reply #1 on:
April 26, 2022, 09:45:40 pm »
Start where the traffic is entering your firewall.
So, on the page for igb2 (WLAN) you create the rule to block access to LAN. This guy explains it:
https://www.youtube.com/watch?v=kYFNa_zpeII
«
Last Edit: April 26, 2022, 09:52:48 pm by EdwinKM
»
Logged
xtacie
Newbie
Posts: 4
Karma: 0
Re: New to Opnsense, trouble with firewall rules
«
Reply #2 on:
April 26, 2022, 10:35:18 pm »
Thank you for the video, I just watched it and followed his steps and STILL cannot manage to block traffic from WLAN to LAN. Is there maybe an option somewhere I hit that could affect the rules? I have tried every combination I could think of that made sense and still am able to ping LAN from WLAN. I have a watchguard xtm for years at home and had no problems setting that mess up and sonicwall at office with no issues lol. Im debating on defaulting everything and started all over again
Logged
EdwinKM
Full Member
Posts: 155
Karma: 5
Re: New to Opnsense, trouble with firewall rules
«
Reply #3 on:
April 26, 2022, 10:47:09 pm »
can you create a screenshot of the WLAN firewall rules?. Note that Ping (icmp) is a separate protocol. So i depends on what you actually want.
«
Last Edit: April 26, 2022, 10:50:49 pm by EdwinKM
»
Logged
xtacie
Newbie
Posts: 4
Karma: 0
Re: New to Opnsense, trouble with firewall rules
«
Reply #4 on:
April 26, 2022, 10:54:12 pm »
This is the LAN rules.. shouldnt i be able to block it here??? I just noticed in WLAN rules i had source/destination swapped and corrected it and NOW its blocking ping/anything from wlan
Why cant i block it from lan rules but i can stop it from wlan rules?
Logged
EdwinKM
Full Member
Posts: 155
Karma: 5
Re: New to Opnsense, trouble with firewall rules
«
Reply #5 on:
April 26, 2022, 10:59:42 pm »
block it at the interface entering the firewall. So, if WLAN should not talk to LAN you should add the block/reject rule to "WLAN" (with the destination of lan net)
With other words. Items in the "source" column should usually be "*" or the "<interface> net". Remove the second line (or modify the content and change the "interface". Opnsense will move it for you)
«
Last Edit: April 26, 2022, 11:16:36 pm by EdwinKM
»
Logged
xtacie
Newbie
Posts: 4
Karma: 0
Re: New to Opnsense, trouble with firewall rules
«
Reply #6 on:
April 27, 2022, 12:09:00 am »
Im used to a single firewall on an appliance and this is like a firewall at each interface. Took some beating it into my skull but I got it now.
Hey, just wanted to say THANK YOU for all your help.
Now onto setup OpenVPN.. lol
«
Last Edit: April 27, 2022, 12:10:43 am by xtacie
»
Logged
EdwinKM
Full Member
Posts: 155
Karma: 5
Re: New to Opnsense, trouble with firewall rules
«
Reply #7 on:
April 27, 2022, 12:05:00 pm »
Thanks for your feedback!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
New to Opnsense, trouble with firewall rules