Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Allowing Internet Access

    Scheduled Pinned Locked Moved Firewalling
    4 Posts 2 Posters 377 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      froussy
      last edited by

      Good day,

      building a new XG7100 to replace a fortigate..

      I have 5 interfaces.. 2 of them i block them to access other network, but I want to allow them to access internet only...

      i dont find the way :(

      Thanks

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        Rules are evaluated as traffic enters an interface from the network the interface is connected to.. Top down, first rule to trigger wins..

        If you want to block lan from going to vlan X, then at the top block lan net from going to vlan X on your lan interface, above the default any any rule that lets it go to the internet.

        Post up your interface rules - and can help you with what your doing wrong.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • F
          froussy
          last edited by

          so.. something like that should then be ok ?

          allow some access and block the rest
          Capture1.PNG

          allow traffic between 2 interface, but allow only one machine to access the net
          Capture2.PNG

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            Not sure what is in your aliases - but yeah that is how you would do it.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.7.2, 24.11

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.