Block traffic from opt1 to lan but allow to wan
-
I have Three interfaces in pfsense, LAN, WAN and OPT1
I want to let opt1 access internet (wan) but not being able to access hosts in LAN.
I created these rules in opt1 but hosts in opt1 can 'see' the hosts in LAN.
If I change the first rule to anything else, internet stops working in opt1
What am I missing here?
EDIT: I FOUND:
It happens only when i enable squid. The point is that I need squid to be enabled, so how can I block opt1 squid(ers) from acessing lan hosts?
-
I have Three interfaces in pfsense, LAN, WAN and OPT1
I want to let opt1 access internet (wan) but not being able to access hosts in LAN.
I created these rules in opt1 but hosts in opt1 can 'see' the hosts in LAN.
If I change the first rule to anything else, internet stops working in opt1
What am I missing here?
EDIT: I FOUND:
It happens only when i enable squid. The point is that I need squid to be enabled, so how can I block opt1 squid(ers) from acessing lan hosts?
Ok, I've found the solution again, i needed to use this configuration:
Bypass Proxy for These Destination IPs : 192.168.1.0/24
Then, proxy is bypassed, and the firewall rules do not allow the lan hosts..