I need some help getting my mind around the methodology of rules in pfSense.
Most basic tutorials show adding the LAN rule of LAN net * * * *; this is even the default out of the box.
My issue is this sets up a deny-by-exception environment instead of allow-by-exception. If I add a guest LAN, now I have to define blocks to prevent cross talk. Set up more than 2 LANs and now I would spend more time trying to put in all the deny rules.
I’m familiar with FortiGate where you simply define a LAN to WAN rule and it only allows… LAN to WAN.
Someone please tell me I’m missing something simple.