Multi-LAN Config question

Started by fctr, December 05, 2022, 06:41:55 AM

Hello, everyone! May I just say right now that I LOOOVE OPNsense. I'm so happy I could finally tell Cisco to kiss the fattest part of my pimply, hairy bottom and toss their overpriced garbage out the window!

So here's what I have:
(1) 6 NIC Protectli PC with the latest OPNsense

One NIC is for WAN and another NIC is for LAN; the other 4 NICs aren't being used at all. That part works great. Easy as pie to set up and secure.

What I'd like to do is set up an additional LAN where each client on that LAN can only see the internet AND NOTHING ELSE IN ANY LAN; basically, a guest-style LAN. I can't imagine this is that difficult, but I could use some hand holding.

Can anyone help me out here, or point me to a guide someone's already made?

I will not present you the complete solution, but some pointers:
  * Create the new interface
  * Enable DHCP server on it, so clients get an IP
  * Start with an "open" firewall rule to make sure everything works
  * Now create a firewall ALIAS "RFC1918" and add the "lan" addresses
  * Add a "Reject RFC1918" rule to your LAN2 interface.

You should be able to find guides on the internet/YouTube. Also, Lawrence Systems has good guides on YouTube (albeit for pfSense, it should be easy to follow).
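An added example, not part of the posts above: a small Python model of first-match rule evaluation on the guest interface, showing why the "Reject RFC1918" rule has to sit above the "open" rule. The 192.168.20.0/24 guest subnet, the sample addresses and the DNS-to-firewall pass rule are assumptions (the last applies only if guests use the firewall as their resolver, since its guest-side address is itself inside RFC1918).

```python
import ipaddress

# RFC 1918 private ranges: the contents of the "RFC1918" alias.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed addressing: guest net 192.168.20.0/24, firewall at .1.
GUEST_GW = ipaddress.ip_address("192.168.20.1")


def in_rfc1918(dst):
    return any(dst in net for net in RFC1918)


# Each rule is (action, predicate over dst/proto/port). First match wins.
ALLOW_DNS = ("pass", lambda d, p, port: d == GUEST_GW and port == 53)
REJECT_PRIVATE = ("reject", lambda d, p, port: in_rfc1918(d))
ALLOW_ANY = ("pass", lambda d, p, port: True)

# Intended order on the guest interface.
GUEST_RULES = [ALLOW_DNS, REJECT_PRIVATE, ALLOW_ANY]
# Mistake to check for: the "open" test rule left above the reject rule.
OPEN_RULE_FIRST = [ALLOW_ANY, REJECT_PRIVATE]


def evaluate(rules, dst, proto="tcp", port=443):
    """Return the action of the first matching rule; block if none match."""
    dst = ipaddress.ip_address(dst)
    for action, match in rules:
        if match(dst, proto, port):
            return action
    return "block"


if __name__ == "__main__":
    samples = [("192.168.1.10", "tcp", 445),   # host on the main LAN
               ("192.168.20.1", "udp", 53),    # DNS on the firewall
               ("192.168.20.1", "tcp", 443),   # firewall web GUI
               ("1.1.1.1", "tcp", 443)]        # internet
    for dst, proto, port in samples:
        print(dst, port,
              "intended:", evaluate(GUEST_RULES, dst, proto, port),
              "open-first:", evaluate(OPEN_RULE_FIRST, dst, proto, port))
```

With the intended order, guests reach the internet and the resolver but not the main LAN or the firewall's web GUI; with the open rule first, the reject rule is never reached.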