Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
multi WAN and routing from DMZ to LAN
« previous
next »
Print
Pages: [
1
]
Author
Topic: multi WAN and routing from DMZ to LAN (Read 2382 times)
innovaesoftware
Newbie
Posts: 1
Karma: 0
multi WAN and routing from DMZ to LAN
«
on:
July 04, 2019, 03:52:05 pm »
Hi all,
I am new to opnsense and am configuring a 19.1 box. My configuration is as follows:
- 2 WAN interfaces configured for failover WAN1, WAN2
- LAN interface
- DMZ interface
- OPT1 interface
I set up multi WAN and all seems to work. In order to do correct routing (at least, I suppose) I added in firewall - rules - LAN a rule to forward all traffic through the gateway group which is configured for failover. Just in top of it, a rule whch routes LAN to DMZ traffic through default gateway to avoid it to be routed towards WAN.
Similar configurations are in place on DMZ and OPT1 interfaces to permit traffic towards each other.
The problem is, doing so I am basically opening traffic for example from DMZ to LAN. I thought I could patch this with a block rule on LAN interface to filter traffic from DMZ to LAN, but looks like it does not work (I think once the DMZ rule has set PASS on the connection, no further rules are processed, right?). Any help? Thanks in advance.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
multi WAN and routing from DMZ to LAN