LAN -> WAN Rules On PFSense

Hey all!

I’m a little confused on the LAN To WAN rules.

So, I have three interfaces:

(Main) LAN - 10.10.10.0

(LAB) OPT1 - 10.20.30.0

(Remote Access For Work) OPT2 - 10.0.1.0

I’m used to Sonicwalls at work and their rules, so my confusion is on how to give each interface no access to each other and have full access outbound to WAN.

I’ve tried the following rules:

Source:
OPT1 Subnets, OPT1 Address, Network

Destination: WAN Address, WAN Subnets, This Firewall

I know this is probably really simple and I’m just overlooking something stupid.

Thanks!

Here is a sample if I want to block anything from VIDEONETWORK (interface) to LAN.

You can do invert match too (where you set an alias). For example, you have a set of networks that you want to block, list them in an alias, and set the destination as invert match to the Address or Alias.

1 Like

So after adding in those rules I can still see my lab network from my lan network.

I have a basic rules guide here:

So I’m an idiot, I had the rules properly set but not in the correct order.

Thanks Tom!!