Simple FW rule yet no internet

[Imnot A Robot]

Can someone help me understand why I'm not getting internet on my IoT interface when I enable the Block Private Networks rule?



Private networks are: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16

There's 1 WAN interface, 1 LAN (192.168.1.1), & 1 IoT (192.168.2.1)


  And I'm unable to insert the screenshot URL so I'm attaching it. Please have a look.


Thanks,
Chris

[nodakbarnes]

So I'm fairly new to OPNsense myself but shouldn't this rule be covered under Interfaces --> WAN and then checking the box under Generic configuration for "Block private network"?

Once this is done it places an automatically generated rule in the firewall as desired (it did for mine at least). You need to click the little down arrow at the top of the rules to expand the automatically generated and you should see it.

[Greelan]

Probably because your first rule is blocking access to the gateway, and in particular DNS.

You just need two rules. One to allow IOT net to access IOT address (you can limit this to just DNS if you want, but there may be other gateway services that are relevant, such as NTP) and then a second allow rule with destination of private networks but inverted, so that it allows everything except for a private network destination.

[Imnot A Robot]

Awesome it works!

Thanks OPNsense community!

Chris