Simple FW rule yet no internet

Started by Imnot A Robot, November 26, 2021, 03:13:09 PM

November 26, 2021, 03:13:09 PM Last Edit: November 26, 2021, 06:33:13 PM by Imnot A Robot
Can someone help me understand why I'm not getting internet on my IoT interface when I enable the Block Private Networks rule?



Private networks are: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16

There's 1 WAN interface, 1 LAN (192.168.1.1), & 1 IoT (192.168.2.1)


:-\ And I'm unable to insert the screenshot URL so I'm attaching it. Please have a look.


Thanks,
Chris

So I'm fairly new to OPNsense myself but shouldn't this rule be covered under Interfaces --> WAN and then checking the box under Generic configuration for "Block private network"?

Once this is done, it places an automatically generated rule in the firewall as desired (it did for mine at least). You need to click the little down arrow at the top of the rules to expand the automatically generated rules and you should see it.

Probably because your first rule is blocking access to the gateway, and in particular DNS.

You just need two rules. One to allow IOT net to access IOT address (you can limit this to just DNS if you want, but there may be other gateway services that are relevant, such as NTP) and then a second allow rule with destination of private networks but inverted, so that it allows everything except for a private network destination.
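The rule ordering discussed in the reply above, worked through as an added example that is not part of the original thread: a small first-match evaluator comparing a block-private-first ruleset with the suggested two-rule fix. Assumptions: the IoT network is a /24, the original ruleset was "block private networks" followed by "allow any" (the screenshot is not reproduced here), and the client and destination addresses are constructed samples.

```python
import ipaddress

# Private ranges and interface address as listed in the thread.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IOT_ADDR = ipaddress.ip_address("192.168.2.1")
IOT_NET = ipaddress.ip_network("192.168.2.0/24")  # assumption: /24 mask


def in_private(dst):
    """True if dst falls inside any of the private networks."""
    return any(dst in net for net in PRIVATE)


# Each rule: (action, destination predicate, description). Source is IoT net.
# Assumed original ruleset: the block rule sits first, so it also matches
# the firewall's own IoT address (192.168.2.1 is inside 192.168.0.0/16).
ORIGINAL = [
    ("block", in_private, "block private networks"),
    ("pass", lambda d: True, "allow IoT net to any"),
]

# The two-rule fix from the reply: gateway first, then inverted destination.
FIXED = [
    ("pass", lambda d: d == IOT_ADDR, "allow IoT net to IoT address"),
    ("pass", lambda d: not in_private(d), "allow IoT net to !private networks"),
]


def evaluate(rules, src, dst):
    """First matching rule wins; anything unmatched hits the default deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src not in IOT_NET:
        return ("block", "source not in IoT net")
    for action, match, desc in rules:
        if match(dst):
            return (action, desc)
    return ("block", "default deny")


def report(rules, client="192.168.2.50"):
    """Verdicts for three constructed flows from one IoT client."""
    flows = {"dns_to_gateway": "192.168.2.1",   # resolver on the firewall
             "lan_host": "192.168.1.10",        # constructed LAN host
             "internet": "203.0.113.10"}        # constructed public address
    return {name: evaluate(rules, client, dst)[0] for name, dst in flows.items()}


if __name__ == "__main__":
    print("original:", report(ORIGINAL))
    print("fixed:   ", report(FIXED))
```

With the assumed original ordering, traffic to public addresses still passes, but queries to the firewall's own resolver are dropped, which clients experience as having no internet.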

Awesome it works!

Thanks OPNsense community!

Chris