Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
VIP interface firewall rule ?
« previous
next »
Print
Pages: [
1
]
Author
Topic: VIP interface firewall rule ? (Read 544 times)
tryllz
Full Member
Posts: 101
Karma: 0
VIP interface firewall rule ?
«
on:
March 01, 2023, 10:47:58 pm »
Hi,
I could not understand which interface to add a block rule in this case.
I have set up VIP (10.10.13.1) on FW1 (10.10.13.2 | Sub-Interface (
VLAN13_Servers
).
I have set a reject any IPv4 rule on this Sub-Interface of FW1, and shutdown FW2 for testing.
Parent interface of Sub-Interface
VLAN13_Servers
is also added with a reject all IPv4 rule.
But the ping traffic still reaches a VM in 10.10.13.0/24 network.
I found out that if I disable the VIP (10.10.13.1 in FW1) the pings between the 2 VMs stops
.
So my question is which interface do I add a block rule to block traffic from reaching the VLAN Sub-Interface, because I have added 1 block rule on Parent interface, an another block rule on Sub-Interface but the VM in 10.10.13.0/24 is still reachable ?
Thank You
«
Last Edit: March 02, 2023, 07:11:56 am by tryllz
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
VIP interface firewall rule ?