Public CARP and private WAN IP addresses, how to build firewall rules for internet access
-
Hi,
in my environment I have two pfSense boxes,
box 1:
wan: 172.30.0.1/30
gw: 80.123.89.9
carp: 80.123.89.10/30
box 2:
wan: 172.30.0.1/30
gw: 80.123.89.9
carp: 80.123.89.10/30
My question is, how can I configure the firewall rules to give a network access to the internet and block access to other interfaces/networks? Like a DMZ.
With a rule set to any - any and pass I can reach the internet, but with a rule set to any - wan net and pass I can't access the internet.
Thanks for advice!
-
I figured out that this is working for my purposes:
But do I always need a block rule for all other interfaces? Is there nothing similar to an implicit deny rule? (like I see on a FortiGate)