VLAN needed inbound and outbound rule to work?

[shtech]

I've got two instances i manage.

I moved them both to protectli devices (2.5gb model).

Both of them have 1 vlan for guest network.
Firewall A the VLAN200 has two rules. It works fine.
1. block traffic from the LAN
2. Allow any outbound.
3. Outbound NAT is set to hybrid, as I have a homelab behind it.

Firewall B i created the same vlan, id 200.
Rules are the same. Block outbound to lan, allow anything out.
outbound NAT is set to Automatic.

However this vlan wouldn't work until I added another inbound rule allow any traffic in.

The only difference is Firewall A was a restore from another opnsense. Firewall B was a fresh setup.

I'm guessing I overlooked something in firewall A that firewall B didn't have. I'm about to help a friend setup an opnsense and i'll be creating a vlan for their guest network, just making sure I'm not forgetting something.

Firewall A:

[Patrick M. Hausen]

Please post your rules. In most cases all rules should be "in". "in" and "out" are as seen from the firewall's point of view. Traffic going from LAN to the Internet is not "out" but "in" on the LAN interface.

[shtech]

You know, i didn't even catch the other firewall's VLAN rule was in and not out. deleted the out rule and that vlan is working fine.