Hi,
I have a question about how firewall rules behave when using XG in bridged mode, since I'm not sure I'm using them correctly and I'm experiencing a few issues.
I have created network groups for all my VLANs, like this:
HOME: 192.168.30.0/24
IOT: 192.168.40.0/24
MGMT: 192.168.10.0/24
I have some firewall rules applied, as follows:
First rule:
src zone: any
src network: HOME
dst zone: ANY
dst network: MGMT,IOT
dst service: ANY
Second rule:
src zone: any
src network: HOME
dst zone: ANY
dst network: ANY
dst service: HTTP, HTTPS
Third rule:
src zone: any
src network: HOME
dst zone: ANY
dst network: ANY
dst service: ANY
My intention was to apply some QoS shaping on the HTTP/HTTPS traffic, so that's why rule 2 is there.
The results:
Inter-VLAN traffic works
Web browsing only works if I DISABLE rule 2
I get the impression that when rule 2 gets hit, it will ONLY allow HTTP/HTTPS and block all other traffic (including DNS lookups).
Is this the intended behaviour, or am I missing something here? Is there another way to get my intended behaviour (= different behaviour for HTTP/HTTPS vs other internet traffic)?