Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
GeoIP inverse rule not working
« previous
next »
Print
Pages: [
1
]
Author
Topic: GeoIP inverse rule not working (Read 2069 times)
wallaby501
Newbie
Posts: 12
Karma: 0
GeoIP inverse rule not working
«
on:
March 27, 2021, 02:26:16 am »
Trying to configure GeoIP and am unsure what I am doing wrong.
I'm trying to make my firewall aliases smaller by selecting the countries I want to allow then just inverting them.
So I've selected maybe 15 countries and made a GeoIPv4 alias (only IPv4 entries).
I then go to make a rule on my LAN with
- reject
- ipv4
- in
- destination ! GeoIPv4
This does not work. It seems to just block any and all traffic on the LAN. I've upped the max firewall entries from 400k to 800k, recreated the alias etc. and nothing seems to work. My only real thought is I either need to make it out direction OR make a newer alias including GeoIPv4 and LAN in one (so I can hit my dns, etc.)
«
Last Edit: March 27, 2021, 03:25:40 am by wallaby501
»
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: GeoIP inverse rule not working
«
Reply #1 on:
July 05, 2021, 08:45:17 pm »
did you manage to solve this? I'm finding a similar behaviour.
Logged
cmmh
Newbie
Posts: 10
Karma: 3
Re: GeoIP inverse rule not working
«
Reply #2 on:
July 09, 2021, 10:43:59 pm »
I have Geoip Egress and Ingress rules working. I believe you need to have them on the WAN interface. Since the "next hop" for devices on the LANs is the OPNsense router itself.
At least that is what I found to work for me after much trial and error.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
GeoIP inverse rule not working