Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Allow connexions from LAN (different subnet) to WAN ? (default deny rule)
« previous
next »
Print
Pages: [
1
]
Author
Topic: Allow connexions from LAN (different subnet) to WAN ? (default deny rule) (Read 2890 times)
GiantJack
Jr. Member
Posts: 58
Karma: 1
Allow connexions from LAN (different subnet) to WAN ? (default deny rule)
«
on:
June 13, 2019, 05:42:20 pm »
Hi there !
I have on my LAN an openwrt router that I use as a dumb wifi AP.
I have setup a guest wifi AP on this device based on this howto:
http://steven-england.info/2014/11/01/openwrt-how-to-create-a-public-network-without-using-the-wan-interface/
my LAN is 192.168.1.0
My guest AP subnet is 192.168.4.0. guest devices gets IP from local DHCP in openwrt.
Following the howto, I have defined a route in opnsense to send any connexion to 192.168.4.0/24 to LAN address of my openwrt device (192.168.1.something).
I think I have everything working now, except that opnsense firewall is blocking any connexion from 192.168.4.0 to internet, based on "default deny rule"
I can see anything coming from 192.168.4.xxx is blocked, for example, in the firewall live logs:
lan Jun 13 17:33:19 192.168.4.107:45640 157.240.22.54:5222 tcp Default deny rule
I try to add a rules in LAN section to allows connexion from 192.168.4.0/24 to WAN....But didn't succeed...
It would be my very 1st rules on opnsense....if somebody can help (by the web interface is prefered) ?
Also, I was not able to find where is defined "default deny rules" ? is it visible on the web interface or implicit ?
«
Last Edit: June 13, 2019, 06:02:53 pm by GiantJack
»
Logged
One day, I will understand all of this !
GiantJack
Jr. Member
Posts: 58
Karma: 1
Re: Allow connexions from LAN (different subnet) to WAN ? (default deny rule)
«
Reply #1 on:
June 13, 2019, 06:34:57 pm »
Ok, I think I found.
I was using a rules to allows connexion from 192.168.4.0/24 to "WAN net" or "WAN address", but it needed to be to "any".
Is there any way to allows connexion to internet, but not to LAN? (not to 192.168.1.0/24)
Logged
One day, I will understand all of this !
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Allow connexions from LAN (different subnet) to WAN ? (default deny rule)