You have to click the apply button to reload the filter. These settings should just work. I have similar setups.
Another option is, instead of having the NOT LAN rule, to break it up into 2 rules: one block at LAN2 from any to LAN subnet, and a pass any to any rule below that.

Holger

-----Original Message-----
From: Jeremy Bennett [mailto:[EMAIL PROTECTED]
Sent: Monday, 26 February 2007 21:30
To: [email protected]
Subject: Re: AW: [pfSense Support] new user... need help with Rules

Hmmm... I'm doing something wrong. I got it to assign my laptop the proper address.

I did this:

> Then go to firewall/rules/lan2tab
> Add a rule: pass, protocol any, source (IP of notebook),
> destination any, gateway default

Then I did this:

> Below this add a rule: pass protocol any, source lan2 net,
> destination NOT LAN, gateway default

Which is where I went wrong. I've put in the following: Action - Pass; Interface - LAN2; Protocol - Any; Source - LAN2 subnet; Destination - NOT 'LAN subnet'; Gateway - default.

I think the problem is with my Source/Destination type... once rules are applied, they go into effect as soon as the filter is reloaded, correct?

My main goal is to make LAN totally invisible as far as LAN2 is concerned.

Thank you again for your help.

Mahalo,
Jeremy

On Feb 26, 2007, at 1:13 AM, Holger Bauer wrote:

> First create a DHCP-server for the LAN2 segment at services/
> dhcpserver/lan2-tab and add a static mapping for the mac of your
> notebook.
>
> Then go to firewall/rules/lan2tab
> Add a rule: pass, protocol any, source (IP of notebook),
> destination any, gateway default
>
> Below this add a rule: pass protocol any, source lan2 net,
> destination NOT LAN, gateway default
>
> That's all that is needed.
>
> Holger
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Monday, 26 February 2007 10:39
> To: [email protected]
> Subject: [pfSense Support] new user... need help with Rules
>
> I have pfSense 1.0.1, with a WAN, LAN and LAN2. The WAN gets an address
> via DHCP from local cable provider. LAN (192.168.12.1) is my (soon to be)
> private network, and LAN2 (192.168.12.1) has a couple of wireless
> bridges/APs at 192.168.12.253 & 254. What I need to do is create a rule
> that blocks traffic between LAN2 and LAN, yet still allows my laptop
> (192.168.12.99, assigned via MAC/static) to access LAN while wirelessly
> connected to LAN2. Any help or guidance on this is much appreciated.
>
> Mahalo,
> Jeremy
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
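
The two rule layouts discussed in this thread (a single "destination NOT LAN" pass rule, or a block rule followed by pass any to any) can be compared with a small first-match simulation of the LAN2 tab. This is an added example, not part of the original messages and not pfSense code; the LAN range 192.168.10.0/24 is an assumed placeholder because the thread gives no distinct LAN range, and the rule tuples and the `evaluate` and `compare` helpers are hypothetical.

```python
import ipaddress

# Constructed addressing: LAN2 hosts are the 192.168.12.x addresses from the
# thread; the LAN range is an assumed placeholder chosen only to be distinct.
LAN = ipaddress.ip_network("192.168.10.0/24")
LAN2 = ipaddress.ip_network("192.168.12.0/24")
LAPTOP = ipaddress.ip_network("192.168.12.99/32")
ANY = ipaddress.ip_network("0.0.0.0/0")

# Hypothetical rule model: (action, source, destination, negate_destination).
LAPTOP_RULE = ("pass", LAPTOP, ANY, False)
NOT_LAN_RULES = [LAPTOP_RULE, ("pass", LAN2, LAN, True)]   # dest NOT LAN
SPLIT_RULES = [LAPTOP_RULE, ("block", ANY, LAN, False), ("pass", ANY, ANY, False)]
# Same rules as SPLIT_RULES, but the laptop exception sits below the block.
MISORDERED_RULES = [SPLIT_RULES[1], LAPTOP_RULE, SPLIT_RULES[2]]

def evaluate(rules, src, dst):
    """Walk the LAN2 tab top to bottom; first match wins, no match is blocked."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, negate in rules:
        if src in src_net and (dst in dst_net) != negate:
            return action
    return "block"  # default deny when nothing matches

# Constructed test traffic arriving on the LAN2 interface.
SAMPLES = [
    ("192.168.12.99", "192.168.10.20"),   # laptop -> LAN host
    ("192.168.12.253", "192.168.10.20"),  # wireless bridge -> LAN host
    ("192.168.12.50", "203.0.113.10"),    # other LAN2 client -> outside
]

def compare():
    """Return (src, dst, not_lan_verdict, split_verdict, misordered_verdict)."""
    return [(s, d, evaluate(NOT_LAN_RULES, s, d), evaluate(SPLIT_RULES, s, d),
             evaluate(MISORDERED_RULES, s, d)) for s, d in SAMPLES]

if __name__ == "__main__":
    for row in compare():
        print("%-15s -> %-14s not-lan=%-5s split=%-5s misordered=%s" % row)
```

Both layouts give the same verdicts for the sample traffic; the misordered column shows that the laptop exception only works while it stays above the rule that blocks LAN.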
