New firewall rule does not seem to work
-
I have two ports on my pfSense router that I need to make sure one does not see the other. One port is a standard and the other port on the NIC has two VLANs. I have tried to create a rule on one of the VLAN interfaces that blocks all the traffic coming from the "LAN" interface, which is the other NIC port. After adding and loading the rule I can still ping hosts on the VLAN from hosts on the LAN port.
Can somebody step me through how to add in a rule that blocks all traffic in such a fashion?
-
The bottom rule is the one I've created that does not seem to work (it's still letting ICMP through anyway). The blacked out is the VLAN net name - intended for the entire VLAN network.
-
Rules are evaluated top-down, so the rule above your block rule will allow everything. Move your block rule to the top and change the Destination to the VLANs you need to block.
-
@KOM:
Rules are evaluated top-down, so the rule above your block rule will allow everything. Move your block rule to the top and change the Destination to the VLANs you need to block.
Ah ok - that did it thanks!
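
The ordering problem resolved in this thread, as an added example that is not part of the original posts: a small first-match model of one interface's rule list, plus a check that flags any rule fully covered by an earlier one. The subnets (192.168.1.0/24 for LAN, 192.168.20.0/24 for the VLAN), the rule labels and the function names are constructed for illustration, and rules are assumed to match any protocol.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str   # "pass" or "block"
    src: str      # CIDR or "any"
    dst: str      # CIDR or "any"
    label: str = ""

def _net(spec):
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec)

def _covers(outer, inner):
    """True when every address in `inner` is also inside `outer`."""
    return _net(inner).subnet_of(_net(outer))

def first_match(rules, src_ip, dst_ip):
    """Walk the list top-down and return the first rule that matches."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for rule in rules:
        if s in _net(rule.src) and d in _net(rule.dst):
            return rule
    return Rule("block", "any", "any", "implicit default deny")

def shadowed(rules):
    """Return (later, earlier) pairs where `earlier` matches everything
    `later` would, so `later` can never be reached."""
    pairs = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if _covers(earlier.src, later.src) and _covers(earlier.dst, later.dst):
                pairs.append((later, earlier))
                break
    return pairs

# Constructed rule sets: the order from the question, then the corrected order.
ALLOW = Rule("pass", "192.168.1.0/24", "any", "allow LAN to any")
BLOCK = Rule("block", "192.168.1.0/24", "192.168.20.0/24", "block LAN to VLAN")
BEFORE = [ALLOW, BLOCK]
AFTER = [BLOCK, ALLOW]

if __name__ == "__main__":
    for name, rules in (("before", BEFORE), ("after", AFTER)):
        hit = first_match(rules, "192.168.1.10", "192.168.20.5")
        print(name, "->", hit.action, "via", repr(hit.label))
        for later, earlier in shadowed(rules):
            print("  unreachable:", repr(later.label), "hidden by", repr(earlier.label))
```

Running the shadow check on an exported rule list before applying it catches a block rule sitting below a broader allow rule without needing a ping test.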