I still a bit new to pfSense but I would like to use it in a small business. I have a Protectli FW6A 6 port device that I have the latest pfSense CE installed. I am seeking advice on configuring the interfaces and vlans. I have two interfaces LAN and OPT1 connected to separate switches, each switch has a collection of vlans for various departments. I need to keep the interfaces separated for security reasons but I do have domain controllers and print servers in each that need to communicate with each other. My question is about firewall rules. Should I leave the interfaces open and focus the rules on the vlans?
Thanks
I saw these. I’m a bit confused on where the firewall rules should be? The Interface rules or the vlan rules or both? I was planning on opening up the Interface rules between LAN and OPT1 to allow all and focus the rules in the vlans to manage the traffic like RFC1918, allow the used DCs ports, and print services ports. Does this seem reasonable?
