Not able to open Opt3 to WAN rules

  • I am setting up a Guest LAN on interface OPT3.

    I want to pass all traffic from Guest LAN to Internet (interface WAN).

    Everything seems to be blocked until I create a rule with destination ANY. Then it works but then I also can access my internal LAN (interface LAN).

    If I select destination LAN then I can access only the LAN. That's what I want but for the WAN!

    In the log I see:
    block drop in log inet all label "Default deny rul IPv4"

    Any ideas?

  • Above your default ANY rule in your Guest LAN rules, put a REJECT rule with the destination 'internal' LAN. That way, none of your OPT3 users will see the LAN but can still get out to the Internet.

  • Good point! And pretty obvious now when I think about it. I guess I was thinking the other way around  ::)
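
The rule ordering suggested in the answer above, modelled as an added example that is not part of the original thread: a minimal first-match evaluator over the guest interface's rule list, assuming rules are checked top to bottom and unmatched traffic hits the default deny. All subnets and host addresses are constructed, and the "WAN subnet only" rule list assumes that a WAN destination covers only the WAN interface's own subnet.

```python
import ipaddress

# Constructed addressing (assumptions, not taken from the thread)
LAN_NET = ipaddress.ip_network("192.168.1.0/24")   # internal LAN
WAN_NET = ipaddress.ip_network("203.0.113.0/29")   # subnet of the WAN interface itself
ANY = ipaddress.ip_network("0.0.0.0/0")

LAN_HOST = "192.168.1.10"       # constructed internal host
INTERNET_HOST = "198.51.100.7"  # constructed host out on the Internet

DEFAULT_DENY = "block (default deny)"


def evaluate(rules, dst):
    """Return the action of the first rule whose destination contains dst.

    Rules are (action, destination_network) pairs in top-to-bottom order.
    If nothing matches, the implicit default deny applies.
    """
    addr = ipaddress.ip_address(dst)
    for action, dest_net in rules:
        if addr in dest_net:
            return action
    return DEFAULT_DENY


# Candidate rule lists for the guest interface, top to bottom
DEST_WAN_SUBNET_ONLY = [("pass", WAN_NET)]                  # Internet is not in the WAN subnet
PASS_ANY_ONLY = [("pass", ANY)]                             # works, but LAN is reachable too
REJECT_LAN_THEN_ANY = [("reject", LAN_NET), ("pass", ANY)]  # ordering from the answer
WRONG_ORDER = [("pass", ANY), ("reject", LAN_NET)]          # reject is never reached


def outcomes(rules):
    """Verdicts for a guest client reaching the LAN host and the Internet host."""
    return {"lan": evaluate(rules, LAN_HOST),
            "internet": evaluate(rules, INTERNET_HOST)}


if __name__ == "__main__":
    for name, rules in [("pass WAN subnet only", DEST_WAN_SUBNET_ONLY),
                        ("pass any only", PASS_ANY_ONLY),
                        ("reject LAN, then pass any", REJECT_LAN_THEN_ANY),
                        ("pass any, then reject LAN", WRONG_ORDER)]:
        print(f"{name:28} {outcomes(rules)}")
```
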