Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    Introducing Netgate Nexus: Multi-Instance Management at Your Fingertips.

    Guest VLAN firewall rule

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 829 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      avmike
      last edited by

      I am trying to configure my box with the following:

      prod LAN = 192.168.1.0/24 on LAN
      Guest VLAN = 192.168.2.0/24 on OPT1

      Everything was working, however guest VLAN machines could access production LAN.  So I changed default firewall rule to specify the destination as "WAN net" instead of "*".  However, now clients cannot even ping the default gateway 192.168.2.1, and I'm not sure DHCP is working on 192.168.2.0 with the rule change.

      Thanks,
      Mike

      1 Reply Last reply Reply Quote 0
      • A Offline
        avmike
        last edited by

        I think I have it licked.  I put a firewall rule to block from OPT1 to LAN.

        1 Reply Last reply Reply Quote 0
        • P Offline
          phil.davis
          last edited by

          I changed default firewall rule to specify the destination as "WAN net" instead of "*".

          When you do that, you are only passing traffic that is going to the little subnet between your WAN interface and your ISP.
          That is a fairly restricted subset of the actual public internet - probably not a lot of interesting sites to browse in there  :P

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.