Firewall rules don't block VLAN to LAN traffic

  • Hello friends,
    I am new to pfSense and am trying to isolate my IoT VLAN from the LAN. I set up all the rules to the best of my knowledge and my reading, but it looks like something very crucial is missing from my setup. When testing, my LAN is still accessible from the VLAN. Here are my LAN and VLAN rules:


    IP assignment and everything is working as expected.
    Here is my Netgear ProSAFE switch configuration:



    I have two NICs, one each for the LAN and the VLAN.

    Please let me know if I need to provide any other configuration from pfSense. I will be glad to provide it.


  • @andy22
    I made some changes to the IoT VLAN rule so that it blocks connections to my LAN, I think, but I don't know whether they are correct or not.

    I can't ping my devices from the VLAN to the LAN (this is desirable; earlier, it wasn't happening).
    But I can't ping devices from the LAN to the VLAN. I want that connectivity since I will be running Chromecast, Alexa, printers, a sprinkler system, etc. in my VLAN, and to cast, I think the LAN needs to have visibility into my VLAN. Please correct me if I am wrong.
    Can someone please suggest the firewall rules I need to set on the LAN (or on the VLAN) so that I have visibility from the LAN into the VLAN?

  • I have somewhat the same issue, a bit different. I am able to block my IoT LAN from accessing my home LAN, but for some reason I cannot prevent devices on the new IoT LAN from accessing the pfSense GUI/SSH (port 22). (It is the 3rd rule in the list below; all the other rules there do work, just not the 3rd one.)
