Firewall permission problems for internet access

  • hi folks, this might be a rather unusual setup but still I'm hoping that someone can give me a hint…

    I've set up pfSense as follows:
    WAN - -- gateway
    LAN -
    WLAN - bridged with LAN

    I began with setting the firewall rules to any - any for every interface
    and I can successfully ping the WLAN/LAN and WAN subnet as well as the external internet

    but now I want the WLAN network to only be able to access the internet and with selective rules allow access to single hosts in the "WAN" network (eg host

    to test I started off deleting the any-any rule for the WLAN interface and added the following to the said interface:
    any -> WLAN subnet
    any -> LAN subnet
    any -> WAN address

    the other interfaces carry on with the any-any rule

    now I can ping the hosts in the WLAN and WAN subnet (eg ping to host works) but I can't ping my provider's DNS server (ip)

    what I also tried is pinging from the diagnostics menu - WAN interface -> DNS server, which works
    somehow the firewall won't quite understand the last rule correctly, or I'm doing something wrong =)

    could someone give me any hints to get the internet access working? (without having to use the any-any rule) =P

    thank you in advance  ;D

  • Adding a rule allowing traffic to the WAN address does just that - allows traffic to your WAN IP. You need to change the destination to "any", or not your internal network, or block your other internal subnets before allowing Internet traffic.
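
The rule ordering described in the reply above, as an added example that is not part of the original thread: a simplified model of first-match rule evaluation on the WLAN interface, matching on destination only. All subnets, the allowed host and the DNS address are constructed, since the thread does not show the real ones.

```python
import ipaddress as ip

# Constructed addressing; the thread does not show the real subnets.
WLAN_LAN = ip.ip_network("10.0.0.0/24")          # WLAN bridged with LAN
WAN_NET = ip.ip_network("192.168.1.0/24")        # the "WAN" network
WAN_ADDR = ip.ip_network("192.168.1.2/32")       # firewall's own WAN IP
ALLOWED_HOST = ip.ip_network("192.168.1.50/32")  # one permitted WAN-side host
ANY = ip.ip_network("0.0.0.0/0")
PROVIDER_DNS = "203.0.113.53"                    # stand-in for the provider's DNS

def evaluate(rules, dst):
    """Return the action of the first rule whose destination matches dst.
    Falls through to the implicit default deny when nothing matches."""
    addr = ip.ip_address(dst)
    for action, net in rules:
        if addr in net:
            return action
    return "block"

# Rules from the question: destination "WAN address" is only the firewall's IP.
ORIGINAL = [("pass", WLAN_LAN), ("pass", WAN_ADDR)]

# Following the answer: exceptions first, block internal nets, then pass any.
FIXED = [
    ("pass", ALLOWED_HOST),
    ("pass", WLAN_LAN),
    ("block", WAN_NET),
    ("pass", ANY),
]

# Same rules with "pass any" too early: the block below it is never reached.
WRONG_ORDER = [("pass", WLAN_LAN), ("pass", ANY), ("block", WAN_NET)]

def report(rules):
    """Map each sample destination to the verdict the ruleset gives it."""
    targets = {"provider DNS": PROVIDER_DNS, "allowed WAN host": "192.168.1.50",
               "other WAN host": "192.168.1.77"}
    return {name: evaluate(rules, dst) for name, dst in targets.items()}

if __name__ == "__main__":
    for label, rules in (("original", ORIGINAL), ("fixed", FIXED),
                         ("wrong order", WRONG_ORDER)):
        print(label, report(rules))
```
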