OPT1 as second LAN
-
Hello to everybody! First of all
I want to turn the OPT1 interface into a second LAN. This is my settings:
WAN: public ip
LAN: 172.31.255.0/28
OPT1: 192.168.10.0/24i have added this rules to the firewall setting OPT1 page:
Proto Source Port Destination Port Gateway Schedule Description
* OPT1 net * * * * Default OPT1 -> anyso i can surf the web. The problem is i cannot ping the machines in OPT1 from LAN (OPT1->LAN is ok). So i added this rule
* LAN net * OPT1 net * * LAN -> OPT1but i can't still ping the machines in the OPT1 subnet. Please, can you tell me my mistake?
-
Your second rule is reduntant.
The default rule already includes this case.Did you make sure on the machine you're trying to ping, you have the firewall disabled/allow pings ?
-
ok, you can kill me beacuse windows firewall turn himself on without notice, but i still stucked in this scenario.
LAN -> OPT1 ok
OPT1 -> LAN no ping and i have to add this rule* OPT1 net * LAN net * * OPT1 -> LAN
plus, i can't surf the web anymore from OPT1 subnet
-
Yes you can no longer go to the internet, because your rule doesnt allow access to "any".
Just have a rule on OPT1 similar to the rule on LAN:* OPT1 net * * * * OPT1 -> any
Have you tried to look at the firewall log to see if something gets blocked?
-
Thanks, now it works!