Multiple LAN routing trusted to untrusted?

  • Hi.

    I have a two LAN setup + one WAN.

    Lets call them trusted LAN and untrusted LAN (for guests).
    Both should access WAN (internet).
    The trusted LAN should be able to connect any device in the untrusted LAN, but the devices in the untrusted LAN should not be able to connect to the devices in trusted lan.

    Is there a way to do it? Or should i change the concept? Have some computers in the untrusted LAN and want to access them via RDP for example.


  • Such a setup is a basic feature of pfSense. pfSense filters the traffic usually on that interface where it comes in.

    So you would have filter rules on both LANs which allow any to any for internet access (default rule on LAN).
    Now you have only to set a block rule with destination = trusted LAN network on the top of the untrusted LAN rule set.

Log in to reply