Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Automatic firewall rule that prevents my LAN
« previous
next »
Print
Pages: [
1
]
Author
Topic: Automatic firewall rule that prevents my LAN (Read 646 times)
PCG
Newbie
Posts: 7
Karma: 0
Automatic firewall rule that prevents my LAN
«
on:
June 05, 2024, 09:25:12 am »
Good morning,
I am encountering a difficulty.
I have a rule in place that allows my IPv4 LAN to communicate with my WAN address:
Protocol IPv4 source "ip of my lan" port "any" destination "wan address" port "any" gateway "default"
Despite this rule, I have the default rule that blocks me:
Source "IPlan:54941" destination "8.8.4.4:53" protocol "udp" label "Default deny / state violation rule"
I can't override the automatic rule.
Can you help me please ?
Logged
Patrick M. Hausen
Hero Member
Posts: 6812
Karma: 572
Re: Automatic firewall rule that prevents my LAN
«
Reply #1 on:
June 05, 2024, 09:44:31 am »
You need to change "IP of your LAN" to "LAN net" - that is a predefined alias.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
PCG
Newbie
Posts: 7
Karma: 0
Re: Automatic firewall rule that prevents my LAN
«
Reply #2 on:
June 05, 2024, 10:00:06 am »
Thanks for your feedback.
Despite this configuration with the alias, the rejection remains the same..
Logged
mooh
Jr. Member
Posts: 93
Karma: 3
Re: Automatic firewall rule that prevents my LAN
«
Reply #3 on:
June 05, 2024, 12:54:49 pm »
You don't say what "WAN adresse" is. I guess it doesn't match 8.8.4.4. Maybe you can tell us what this rule is supposed to achieve. Then, the forum may be able to help better.
Logged
Patrick M. Hausen
Hero Member
Posts: 6812
Karma: 572
Re: Automatic firewall rule that prevents my LAN
«
Reply #4 on:
June 05, 2024, 06:49:38 pm »
This rule now permits your LAN network to communicate with the WAN address - which is the single address of your firewall on the WAN interface. I thought that's what you want?
Do you want your LAN network to be able to communicate with "the Internet" which is connected to your WAN? That is of course "any", because "the Internet" contains all possible addresses (with few exceptions).
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Automatic firewall rule that prevents my LAN