Dissalow https and ssh services from a host

[lonewolf7]

Hello to everyone, i have a home network with 192.168.1.0/24 subnet, router is on 192.168.1.1. I made a fresh installation of opnsense at a VMware VM with 2 adapters, 1 bridge for WAN and 1 host-only for LAN with IP 192.168.10.1. I also setted 1 ubuntu VM in the 192.168.10.0/24 network with host only adapter. How i can dissalow the traffic for https and ssh services for the ubuntu VM ? I tried to set 2 inbound and 2 outbound rules on LAN interface for the specific host but i can still connect to https and make/receive ssh connections. Thank you in advance

[doktornotor]

Connect from where?

[lonewolf7]

from other hosts the to the restricted one via SSH

[doktornotor]

What other hosts? On LAN? They go through the switch, you cannot do this on the firewall.

[lonewolf7]

i want for a host that has IP 192.168.6.10/24 disable SSH services for incoming and outgoing connection. It cant be done?

[doktornotor]

Not when the Ubuntu VM is on the same interface/subnet as the hosts you want to block access from.

[lonewolf7]

Can you guide me please what to do?

[doktornotor]

Put the VM on a new interface, like 192.168.100.0/24, not on LAN.

[lonewolf7]

still doesnt work

[doktornotor]

Eh, post your network setup and firewall rules. Crystal ball missing.

[lonewolf7]

Home Network 192.168.1.0/24 (gateway 192.168.1.1)
OPNsense at VMware VM with 2 network adapters (1 Bridge-Mode for WAN (DCHP for WAN) & 1 Host-only for LAN 192.168.6.1
Ubuntu client at VMware VM with network adapter host-only (192.168.6.10 static IP and gateway OPNsense)

[doktornotor]

Can you post the firewall rules as requested. Screenshots, not description.

[lonewolf7]

Attached

[doktornotor]

What's the "blocked host"?

[lonewolf7]

the ubuntu client