LAN to WAN Default Rules
-
Hi,
Fairly new to pfSense and trying to understand some strange behaviour. I've set up some rules (see pic) and it's always the last rule that seems to catch the LAN to WAN traffic. My LAN is 192.168.2.0/24 but why don't the earlier rules pick up this traffic? It's as if it does not recognise WAN / WAN Address?
Thanks
Phill
-
WAN address = your WAN IP
WAN net = your WAN subnet (not "the" Internet, this is a common mistake)
* = any
-Rico
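The three definitions above, worked through as an added example (not from the thread or from pfSense itself): a simplified first-match evaluation of a LAN rule list that looks only at source and destination. The WAN address 203.0.113.10/24, the Internet host 198.51.100.7 and the rule names are constructed; only the LAN subnet comes from the question.

```python
import ipaddress

# Constructed sample addressing: only the LAN subnet is taken from the thread.
LAN_NET = ipaddress.ip_network("192.168.2.0/24")
WAN_IF = ipaddress.ip_interface("203.0.113.10/24")  # assumed WAN IP and mask

ALIASES = {
    "LAN net": LAN_NET,
    # WAN address: only the firewall's own IP on the WAN interface
    "WAN address": ipaddress.ip_network(f"{WAN_IF.ip}/32"),
    # WAN net: only the subnet the WAN interface sits in, not the Internet
    "WAN net": WAN_IF.network,
    # *: any address
    "*": ipaddress.ip_network("0.0.0.0/0"),
}

# Constructed rule list for the LAN tab: (name, source, destination).
# Rules are evaluated top down and the first match wins.
RULES = [
    ("to WAN address", "LAN net", "WAN address"),
    ("to WAN net", "LAN net", "WAN net"),
    ("to any", "LAN net", "*"),
]


def first_match(src, dst, rules=RULES):
    """Return the name of the first rule matching both source and destination."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, src_alias, dst_alias in rules:
        if s in ALIASES[src_alias] and d in ALIASES[dst_alias]:
            return name
    return "default deny"  # nothing matched, traffic is blocked


if __name__ == "__main__":
    client = "192.168.2.50"  # constructed LAN host
    for dst in ("203.0.113.10", "203.0.113.1", "198.51.100.7"):
        print(f"{client} -> {dst}: {first_match(client, dst)}")
```

Traffic from the LAN to an Internet host falls through the first two rules because its destination is neither the WAN IP nor inside the WAN subnet, which is why only the last rule catches it.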
-
@Rico Thank you. Just updated the rule and tied it down to the WAN gateway and looks to be working. I'd misunderstood the concept of what the WAN net / WAN address were, thanks for the explanation.
-
@phirst Use the LAN net alias as a source.
If you change the subnet address on the LAN interface you'll lock yourself out.
https://docs.netgate.com/pfsense/en/latest/firewall/rule-list-intro.html
BTW if you change firewall rules and it's not working as expected, kill the firewall states.
-
@NogBadTheBad Thanks for the suggestion... I was only showing the bottom part of the rules for the LAN. The full set are here and I still have the anti lockout rule at the top :) Just trying out your suggestion and will monitor for a few minutes - see which rules pick it up. Thanks.