OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 23.7 Legacy Series »
  • Only allow communication to certain IP-adresses
« previous next »
  • Print
Pages: [1]

Author Topic: Only allow communication to certain IP-adresses  (Read 616 times)

NB

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Only allow communication to certain IP-adresses
« on: September 19, 2023, 08:50:38 am »
Hi

I have a separate VLAN where I have some equipment that only should be allowed to communicate with a few specified IP-adresses over port 443
All communication starts from these units but response from WAN needs to be allowed
The units also needs access to a few URLs and access to an NTP server

I have made an alias with the IP-adresses, URLs and allowed DNS etc. but the units can't get a connection with the servers
I'm not at home right now so I can't take a screen shot of my config but maybe someone have any tips in broad terms

Otherwise I will provide more information when I get home
Logged

Saarbremer

  • Sr. Member
  • ****
  • Posts: 353
  • Karma: 14
    • View Profile
Re: Only allow communication to certain IP-adresses
« Reply #1 on: September 19, 2023, 09:17:05 am »
Hi,

here are some thoughts:

* Allow DNS traffic to your target DNS servers.
* Allow HTTPS traffic to your target HTTPS servers
* Allow NTP traffic to your target NTP servers

Switch logging on, generate traffic and check if these rules match.

Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 23.7 Legacy Series »
  • Only allow communication to certain IP-adresses
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2