How to block file server from the WAN

[neutron450]

Hello kind folks,

Forgive me for repeating a question if it has come up before. I've done a couple hours of searching and haven't found answers I can get my head around. I have a OMV file server I would like to access within my LAN but I'd like to wall it off from the outside world. Could someone get me pointed in the right direction?

Thank you!

[Patrick M. Hausen]

If you have a fresh default installation of OPNsense nothing will be coming in through your WAN. The product is default deny as it should.

Devices on LAN communicate with each other without the firewall ever getting involved at all. Your switch does that.

[neutron450]

Thanks Patrick, I'll look into getting a switch. That may help.

It is fairly fresh--I've been poking at it over the past few days. The WAN is open so my PCs can access the web. So far so good.

I'm wondering though if it's possible to build a firewall rule that allow access to and from my file server within the LAN, but also keep the server safe from the outside world.

[Patrick M. Hausen]

For your PCs to access the web the WAN does not need to be open from the outside in. And in the default setup it isn't. I hope you did not explicitly open it.

The firewall knows about directions, what is inside and what is outside, and who initiated a connection. The default setup allows all devices on LAN to open connections outward to the Internet but nothing from the Internet to open a connection inwards.

Also if your PCs and your file server are already in the same LAN, they can communicate - completely without a firewall. How are all these devices connected to each other?

[neutron450]

Sounds like I'm all set then. Thanks for the feedback!