Firewall rule for dedicated dmz network

manuel · December 13, 2019, 03:22:13 PM

Hello
I'm trying to setup a separate dmz network (no dhcp). The goal is to have only Internet access from this network. No Access to LAN on this new network at all. How can I achieve this? I tried to configure the fw according to the opnsense how to "Setup a guest network" but I can't resolve host names at all and browse the internet.

What is wrong with my fw rules?

Thank you very much for your help.

Manuel

bartjsmit · December 13, 2019, 04:34:36 PM

Run a packet trace and see if the DNS packets are allowed to the internet?

Interfaces -> Diagnostics -> Packet Captures

Bart...

manuel · December 14, 2019, 12:24:01 PM

Hello
Managed to create the following FW rules. It's now working :-)

Thank you for your help.

Manuel

Firewall rule for dedicated dmz network

manuel

December 13, 2019, 03:22:13 PM

bartjsmit

December 13, 2019, 04:34:36 PM #1

manuel

December 14, 2019, 12:24:01 PM #2