newbie question FW rule between two LANs

Started by vikozo, February 25, 2019, 07:39:57 AM

Hello,
I do have a


    Internet
        |
+-------+------+
|   Router     |  GW LAN-1 10.147.42.1
|   Fritzbox   |
+-------+------+
        |
+-------+------+
|   OpnSense   |  eth1 LAN-1 = 10.147.42.7  --> Switch --> PC1
|              |  eth2 LAN-2 = 10.18.10.1   --> PC2
+--------------+


PC1 | Works and gets an IP via DHCP (10.147.42.x range) and can go to the Internet
PC2 | Got an IP via DHCP (10.18.10.x range) but can't go to the Internet


PC2 Ping works to the LAN-01 Port and LAN-2 Port but can't ping 10.147.42.1

So the question:
How do I have to configure the firewall between LAN-1 and LAN-2 to have access to the NAS in LAN-01 and be able to go to the Internet?
As a first step, it would also be helpful just to know how to configure it to pass the traffic transparently back and forth.

have a nice day
vinc
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

Hi Vikozo,

Support questions usually go to the subforum matching the OPNsense version, otherwise to the General Discussions one. Thanks for taking that into consideration going forward.

@newsense
Right, sorry, it should be in the newest productive one, I think 19.x.
Is it possible to move it?
have a nice day
vinc

Any help on how to solve the problem in config or design?
have a nice day
vinc

First of all you want the NAS on LAN2 - with highly restricted access both in and out.

Secondly, you don't say anything about rules on the LANs. While LAN1 allows outbound connections by default, any other interface will only have the implicit Deny ALL rule.

P.S. Having a single Allow ANY ANY rule on the interfaces kinda voids the need for a firewall.
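
Added example, not part of the thread and not OPNsense code: a small model of per-interface, first-match rule evaluation with an implicit deny, run against three candidate LAN2 rule sets (empty, allow any any, restricted) for the topology in the question. Assumptions: /24 masks for both ranges, a NAS at 10.147.42.50 reached over SMB (port 445), a PC2 lease of 10.18.10.20, and 192.0.2.10 standing in for an Internet host.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

LAN1_NET = ipaddress.ip_network("10.147.42.0/24")  # assumed /24 from "10.147.42.x"
LAN2_NET = ipaddress.ip_network("10.18.10.0/24")   # assumed /24 from "10.18.10.x"
ANY = ipaddress.ip_network("0.0.0.0/0")
NAS = ipaddress.ip_network("10.147.42.50/32")      # hypothetical NAS address
PC2 = "10.18.10.20"                                # hypothetical DHCP lease

@dataclass(frozen=True)
class Rule:
    action: str                  # "pass" or "block"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    port: Optional[int] = None   # None matches any destination port

def evaluate(rules, src, dst, port):
    """First matching rule on the ingress interface wins; no match means deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst and r.port in (None, port):
            return r.action
    return "block"  # implicit deny-all when nothing on the interface matches

LAN2_EMPTY = []                             # interface as created: no rules at all
LAN2_ALLOW_ALL = [Rule("pass", ANY, ANY)]   # the shortcut the P.S. warns about
LAN2_RESTRICTED = [
    Rule("pass", LAN2_NET, NAS, 445),       # NAS over SMB only
    Rule("block", LAN2_NET, LAN1_NET),      # nothing else inside LAN-1
    Rule("pass", LAN2_NET, ANY),            # everything else, i.e. the Internet
]

def report(rules):
    """Verdicts for PC2 reaching the Fritzbox, the NAS (two ports) and the Internet."""
    probes = {
        "fritzbox": ("10.147.42.1", 443),
        "nas_smb": ("10.147.42.50", 445),
        "nas_ssh": ("10.147.42.50", 22),
        "internet": ("192.0.2.10", 443),    # documentation address as Internet host
    }
    return {name: evaluate(rules, PC2, dst, port)
            for name, (dst, port) in probes.items()}

if __name__ == "__main__":
    for label, rs in [("empty", LAN2_EMPTY), ("allow-all", LAN2_ALLOW_ALL),
                      ("restricted", LAN2_RESTRICTED)]:
        print(label, report(rs))
```

In the restricted set the block on the LAN-1 network does not stop Internet traffic, because the Fritzbox is only the next hop for those packets, not their destination address.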