Need help to block other networks
-
Hello together,
I am using a Super Micro XG-1540 with fiber. I have configured everything like:
WAN
LAN (Fiber) 10.3.1.1/24 DHCP: NO
VLAN1 at LAN Public WLan 10.1.1.1/22 DHCP: Yes
VLAN2 at LAN Office Lan 10.2.1.1/24 DHCP: Yes
Everything is working, but now I have a problem. If I connected to one of the other LANs I could join the other range. I created a rule but it's not working. Could someone help me?
![Bildschirmfoto 2016-07-08 um 15.30.39.png](/public/imported_attachments/1/Bildschirmfoto 2016-07-08 um 15.30.39.png)
-
Not sure what network is which there in your pic because you didn't state what is vlan1 and what is vlan2.
But rules are evaluated top down, first rule to trigger wins.
So if you don't want vlan1 talking to vlan2, then on the vlan1 interface, which is where traffic will enter pfsense from vlan1, you would pick your source of vlan1 net, dest vlan2 net and block. Put that as your first rule.
On vlan 2 interface you would do the opposite source would be vlan2 net, dest would be vlan1 net block. This rule needs to be at the top of rules for that interface.
There you go vlan1 and vlan2 can not talk to each other. Unless you put rules above that block that allows the traffic you want.
You're rarely going to see a source network on an interface in pfsense that is not the network the interface is in, unless you had downstream routers, etc. that route through that interface.
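
The rule ordering described in the answer above, modelled as an added example that is not part of the original post and not pfSense code. The interface names, the "pass any" rule, the broken ordering and the sample host addresses are constructed for illustration; only the two subnets come from the thread.

```python
import ipaddress

# Subnets from the thread; strict=False turns the gateway address into its network.
VLAN1_NET = ipaddress.ip_network("10.1.1.1/22", strict=False)  # Public WLan -> 10.1.0.0/22
VLAN2_NET = ipaddress.ip_network("10.2.1.1/24", strict=False)  # Office Lan  -> 10.2.1.0/24
ANY = ipaddress.ip_network("0.0.0.0/0")


def evaluate(rules, src, dst):
    """Walk the rules top down; the first rule that matches decides."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules:
        if s in src_net and d in dst_net:
            return action
    return "block"  # nothing matched: implicit default deny


# Constructed broken ordering: the block sits below a pass rule that already matches.
BROKEN = {
    "VLAN1": [("pass", VLAN1_NET, ANY), ("block", VLAN1_NET, VLAN2_NET)],
    "VLAN2": [("pass", VLAN2_NET, ANY), ("block", VLAN2_NET, VLAN1_NET)],
}

# Ordering from the answer: block to the other VLAN first, then the pass rule.
FIXED = {
    "VLAN1": [("block", VLAN1_NET, VLAN2_NET), ("pass", VLAN1_NET, ANY)],
    "VLAN2": [("block", VLAN2_NET, VLAN1_NET), ("pass", VLAN2_NET, ANY)],
}


def check(ruleset, iface, src, dst):
    """Evaluate a packet against the rules of the interface it enters on."""
    return evaluate(ruleset[iface], src, dst)


if __name__ == "__main__":
    # Constructed sample hosts: one WLAN client, one office machine, one internet host.
    for name, ruleset in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, "wlan->office:", check(ruleset, "VLAN1", "10.1.2.50", "10.2.1.20"))
        print(name, "office->wlan:", check(ruleset, "VLAN2", "10.2.1.20", "10.1.2.50"))
        print(name, "wlan->internet:", check(ruleset, "VLAN1", "10.1.2.50", "192.0.2.10"))
```
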
-
Thank you. It's working now :). It's my first project with pfsense but I think I like it.