What is the need for the rule on the LAN that allows internet access?
Is it there to let in any traffic from anywhere that was originated on
If I don't have any rules on the VLAN interfaces, then other VLANs
should not be able to ping each other, correct? Right now I think
they can ping each other with no rules.
I have dismantled the whole system, but am about to deploy, so I can
test this all out very soon.
On 9/30/07, Chris Buechler <cbuechler at gmail dot com> wrote:
> Rules are only applied inbound to an interface (inbound always from
> the perspective of the firewall). If you allow everything on every
> interface, everything is allowed. The default on WAN and OPT
> interfaces is no rules, so everything is denied. If you add an allow
> all rule, you're bypassing that.
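
The rule semantics described in the reply above, as an added example that is not part of the original thread: a small Python model in which only the ingress interface's rules are checked, an interface with no rules denies everything, and an allow-all rule also admits traffic to the other local subnets. The interface names, subnets, addresses, first-match ordering and the `isolate` helper are assumptions made for illustration; only the first packet of a new connection is modeled.

```python
import ipaddress
from dataclasses import dataclass

ANY = "0.0.0.0/0"
# Constructed interface names and subnets (assumptions, not from the thread).
SUBNETS = {"LAN": "192.168.1.0/24", "VLAN10": "10.0.10.0/24", "VLAN20": "10.0.20.0/24"}

@dataclass
class Rule:
    action: str  # "pass" or "block"
    dst: str     # destination network in CIDR form; ANY matches every address

def ingress_interface(src_ip):
    """Return the interface a packet arrives on, judged by its source subnet."""
    addr = ipaddress.ip_address(src_ip)
    for name, net in SUBNETS.items():
        if addr in ipaddress.ip_network(net):
            return name
    return "WAN"  # anything not on a local subnet arrives from outside

def allowed(rulesets, src_ip, dst_ip):
    """Check only the ingress interface's rules; first match wins (assumed)."""
    dst = ipaddress.ip_address(dst_ip)
    for rule in rulesets.get(ingress_interface(src_ip), []):
        if dst in ipaddress.ip_network(rule.dst):
            return rule.action == "pass"
    return False  # no rules, or no matching rule: denied

def isolate(name):
    """Hypothetical ruleset: block the other local subnets, then pass the rest."""
    others = [net for iface, net in SUBNETS.items() if iface != name]
    return [Rule("block", net) for net in others] + [Rule("pass", ANY)]

# Three constructed configurations to compare.
lan_only = {"LAN": [Rule("pass", ANY)]}                      # VLANs have no rules
allow_all = {name: [Rule("pass", ANY)] for name in SUBNETS}  # allow-all everywhere
isolated = {"LAN": [Rule("pass", ANY)],
            "VLAN10": isolate("VLAN10"), "VLAN20": isolate("VLAN20")}

if __name__ == "__main__":
    flows = [("10.0.10.5", "10.0.20.5"), ("10.0.10.5", "198.51.100.7"),
             ("192.168.1.10", "10.0.10.5"), ("203.0.113.9", "192.168.1.10")]
    for label, cfg in [("lan_only", lan_only), ("allow_all", allow_all),
                       ("isolated", isolated)]:
        for src, dst in flows:
            print(f"{label:10} {src:>13} -> {dst:<13} "
                  f"{'pass' if allowed(cfg, src, dst) else 'deny'}")
```

In the `isolated` configuration the block rules sit ahead of the allow-all rule, which is what keeps internet access from also meaning access to the other VLANs.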