Topic: vlan host to internet and vlan only (Read 496 times)
chowpay
« on: February 07, 2024, 06:44:36 am »
First-time OPNsenser, long-time lurker.
Just finished justifying the purchase of a 4-port N100. To get started I have everything able to access everything, with DHCP on all interfaces in the gateway setup below.
Interfaces : Gateway
1) WIFI: 192.168.50.1 (I plug my wifi AP here)
2) LAB: << physical port - no gateway
   - LABVlan60: 192.168.60.1 << uses LAB physical port
3) Media: 192.168.40.1
4) WAN: Internet
My rules are open on everything right now. All Interfaces except WAN have these rules:
IPv4-6
Source *
Port *
Dest *
Port *
Gateway *
What I would like to do is allow one host, 192.168.60.10, to be able to access only other machines within its vlan60 and the internet. I couldn't figure that out, so I am trying to just do this rule:
Here is the firewall rule I tried to add in Labvlan60:
Action: Block
Interface : labvlan60
Direction: OUT
TCP/IP : ipv4
Protocol: Any
Source : Single Host: 192.168.60.10/24.
Destination : Media net
Rule order:
1. The rule stated above
2. * any any rule
In my head this rule works like this: block any traffic from host 60.10 OUT of interface Labvlan60 from accessing any Media net network host.
But right now 60.10 can ping 40.10 (Media net host), but it's not supposed to. Not sure what I did wrong.
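
Added example (not part of the original post and not OPNsense code): a simplified Python model of first-match rule evaluation with direction, run against the rule set described in the post and against an inbound variant. In the model, "in" means a packet entering the firewall on an interface and "out" means leaving through it, so traffic from 192.168.60.10 to Media net is checked "in" on labvlan60 and "out" on media. The interface names, the pass-by-default egress behaviour, the WIFI block rule and the address 203.0.113.5 standing in for an internet host are assumptions of this model.

```python
import ipaddress
from dataclasses import dataclass

# Constructed model of the networks in the post; interface names are illustrative.
NETS = {"labvlan60": "192.168.60.0/24", "media": "192.168.40.0/24", "wifi": "192.168.50.0/24"}

@dataclass
class Rule:
    action: str     # "pass" or "block"
    iface: str      # interface the rule is attached to
    direction: str  # "in": packet enters the firewall on iface; "out": leaves via it
    src: str = "any"
    dst: str = "any"

def matches(spec, ip):
    # strict=False lets "192.168.60.10/24" parse; it then covers the whole /24.
    return spec == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)

def iface_for(ip):
    for name, net in NETS.items():
        if matches(net, ip):
            return name
    return "wan"  # anything not on a local network is routed to WAN

def evaluate(rules, iface, direction, src, dst, default):
    for r in rules:  # first matching rule wins
        if (r.iface, r.direction) == (iface, direction) and matches(r.src, src) and matches(r.dst, dst):
            return r.action
    return default

def forward(rules, src, dst):
    # Ingress check on the source's interface: default deny when no rule matches.
    if evaluate(rules, iface_for(src), "in", src, dst, "block") == "block":
        return "block"
    # Egress check. Assumption: outbound traffic passes unless an "out" rule blocks it.
    return evaluate(rules, iface_for(dst), "out", src, dst, "pass")

# Rule set as posted: block OUT on labvlan60, then the allow-all rule.
POSTED = [Rule("block", "labvlan60", "out", "192.168.60.10/24", NETS["media"]),
          Rule("pass", "labvlan60", "in")]
# Same intent expressed on the inbound side, with the host as a /32.
INBOUND = [Rule("block", "labvlan60", "in", "192.168.60.10/32", NETS["media"]),
           Rule("block", "labvlan60", "in", "192.168.60.10/32", NETS["wifi"]),
           Rule("pass", "labvlan60", "in")]

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("inbound", INBOUND)):
        for dst in ("192.168.40.10", "192.168.50.20", "203.0.113.5"):
            print(name, "192.168.60.10 ->", dst, forward(rules, "192.168.60.10", dst))
```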