Can't reach LAN from VLAN despite explicit allow rule

Started by Brink7564, April 09, 2024, 12:43:01 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 09, 2024, 12:43:01 AM
Hey,

Basically the title.

I'm trying to get into my LAN from a VLAN, but despite a specific allow rule on the VLAN interface (PERSONAL) to allow all traffic to the LAN interface, I can't reach any of the devices there. I also tried adding the same a floating rule that includes both interfaces, but that didn't help either. Surely I must be doing something wrong?

Firewall: Rules: Floating
Protocol    Source          Port    Destination   Port. Gateway Schedule
IPv4 *    PERSONAL net    *    LAN net         *        *         *
April 09, 2024, 09:11:39 AM #1
Hi,

unfortunately you did not mention what you're actually trying to do. Ping, Http, Rdp? Are we talking IPv4/v6 and what setup is deployed?

In any case, when "trying to get into" your LAN check Firewall -> Log files -> Live View

It will tell you if it blocked packets and why. Configure your pass rule with enabled logging to also see possible passed packets. From there one could try to identify possible issues in your setup.
April 09, 2024, 09:59:08 AM #2
Did you specify the rule direction as ,,in"?
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
April 09, 2024, 06:35:04 PM #3
Quote from: Saarbremer on April 09, 2024, 09:11:39 AM
Hi,

unfortunately you did not mention what you're actually trying to do. Ping, Http, Rdp? Are we talking IPv4/v6 and what setup is deployed?

In any case, when "trying to get into" your LAN check Firewall -> Log files -> Live View

It will tell you if it blocked packets and why. Configure your pass rule with enabled logging to also see possible passed packets. From there one could try to identify possible issues in your setup.

Hey, thanks for the quick reply and sorry for posting incomplete information. Using Live View, I managed to figure out my mistake: There is a VPN client running on my laptop which unfortunately doesn't do or have an option for split tunneling (I only recently started using the client). So all packets showed as coming from the VPN's external IP rather than my local IP and were therefore rightfully blocked. When disconnected from the VPN, I can reach LAN devices just fine.

Sorry for bothering you with my stupidity..!
Print
Go Up Pages1
User actions