OPNsense VLAN client firewall rules help

Hey guys, since early this year I’ve started self hosting. I started by setting up my own router. It’s been nice so far. Although I’ve recently run into a problem. Perhaps someone with more experience can point me in the right direction. In an attempt to prevent VLAN clients from accessing the internet, restricting them to only reserved addresses, I’m coming up short. I’ve been able to perform this for clients not using a VLAN, but when I apply the rule to a single VLAN client, it appears to break the network. Any help would be much appreciated. --Cheers!!

giacomo,

Permit vlan subnet, deny everything else?

rainbowgreen,

Yes.

sneaky_b45tard,

I think you should provide more information about the rule you created.

rainbowgreen,

Deny everything, permit only private address range, specifically the subnet the device is on.

sneaky_b45tard,

A firewall usually reads the rules from top to bottom and applies the first match. So when your first rule is deny everything, it will deny literally anything before the second rule is applied.

Your deny rule should always be at the end.
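
The ordering problem described in the last reply, as an added example that is not part of any post in this thread: a simplified first-match evaluator run over the same two rules in both orders, plus a check for rules that can never decide a packet. It models destination matching only (no source, protocol or direction) and is not OPNsense's own logic; the subnet `192.168.20.0/24` and all names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str        # "pass" or "block"
    destination: str   # CIDR network, or "any"

    def matches(self, dst_ip: str) -> bool:
        if self.destination == "any":
            return True
        return ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.destination)


def evaluate(rules, dst_ip, default="block"):
    """First-match evaluation: return (action, index of the deciding rule)."""
    for index, rule in enumerate(rules):
        if rule.matches(dst_ip):
            return rule.action, index
    return default, None


def covers(earlier: Rule, later: Rule) -> bool:
    """True if every destination matched by `later` is already matched by `earlier`."""
    if earlier.destination == "any":
        return True
    if later.destination == "any":
        return False
    a = ipaddress.ip_network(earlier.destination)
    b = ipaddress.ip_network(later.destination)
    return a.version == b.version and b.subnet_of(a)


def shadowed(rules):
    """Indexes of rules that can never decide a packet under first-match order."""
    return [i for i, r in enumerate(rules) if any(covers(e, r) for e in rules[:i])]


# Constructed sample: 192.168.20.0/24 stands in for the VLAN subnet.
VLAN_NET = "192.168.20.0/24"
DENY_FIRST = [Rule("block", "any"), Rule("pass", VLAN_NET)]
DENY_LAST = [Rule("pass", VLAN_NET), Rule("block", "any")]

if __name__ == "__main__":
    for name, rules in (("deny first", DENY_FIRST), ("deny last", DENY_LAST)):
        for dst in ("192.168.20.1", "1.1.1.1"):
            print(name, dst, evaluate(rules, dst))
        print(name, "shadowed rules:", shadowed(rules))
```

With the deny rule first, the permit rule is reported as shadowed and traffic inside the subnet is blocked too, which matches the "breaks the network" symptom in the original post.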
