
How to allow traffic from one VLAN to another

I have two VLANs:

VLAN100 192.168.1.x/24

VLAN200 192.168.2.x/24

I'd like to allow some traffic from VLAN200 to shared resources on VLAN100 (ad blocker, Plex). I defined the hosts under IP host. I created a host group for both, but I can't select that, so for now my rule just lists them.

Here is my attempt to do so:

https://imgur.com/LTA50Pf

https://imgur.com/vvV1mHG

But it's not working...  Can anyone help?



  • Hi,

    The current version of XG does not support the use of VLANs in firewall rules, though I suspect they are just the names you have given your IP address ranges.

    What do you expect to happen if the traffic is passed down the VLAN to those devices? Are you expecting the output of those devices to connect to the internet via another firewall rule?

    Ian

    Update: Rules work from the top down, not by number. Also, your country blocking rules will need to be at the top, though until v17 MR-1 country blocking does not work.

  • Correct, so I had to create a source zone whose member is the second VLAN

    Port1.200

    I make VLAN1 part of LAN

  • You have tried to put too much into one rule.

    2/. destination any, any, source vlan200. anti-ad box

    1/. source vlan100, any live user, destination vlan200 anti-ad box allow

    3/. you will need another network rule so the traffic comes out of the anti-ad box to the other box unless you physically connect them and call the group the anti-ad box.

    Why don't you just connect the anti-ad box between the users and the XG, much simpler to manage?

    Ian
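
The top-down rule evaluation mentioned in the replies above, as an added example that is not part of the original thread and is not Sophos XG code: a simplified first-match model (networks and ports only, no zones or users) that shows how a broad inter-VLAN block placed above the specific allow rules shadows them. The host addresses, rule names and the choice of DNS (53) and Plex (TCP 32400) services are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    src: str           # source network (CIDR)
    dst: str           # destination network or host (CIDR)
    ports: frozenset   # (proto, port) pairs; empty set means any service
    action: str        # "accept" or "drop"

def _covers(outer, inner):
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))

def matches(rule, src_ip, dst_ip, proto, port):
    return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(rule.dst)
            and (not rule.ports or (proto, port) in rule.ports))

def evaluate(rules, src_ip, dst_ip, proto, port):
    """First matching rule from the top wins; no match means default drop."""
    for rule in rules:
        if matches(rule, src_ip, dst_ip, proto, port):
            return rule.action, rule.name
    return "drop", "default"

def shadowed(rules):
    """(rule, covering rule) pairs where an earlier rule matches everything the later one does."""
    found = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            ports_ok = not earlier.ports or (bool(later.ports) and later.ports <= earlier.ports)
            if _covers(earlier.src, later.src) and _covers(earlier.dst, later.dst) and ports_ok:
                found.append((later.name, earlier.name))
                break
    return found

# Constructed sample data: host addresses and rule names are hypothetical.
NET100, NET200 = "192.168.1.0/24", "192.168.2.0/24"
AD_BLOCKER, PLEX = "192.168.1.10/32", "192.168.1.20/32"
block = Rule("block VLAN200 to VLAN100", NET200, NET100, frozenset(), "drop")
allow_dns = Rule("VLAN200 to ad blocker DNS", NET200, AD_BLOCKER,
                 frozenset({("udp", 53), ("tcp", 53)}), "accept")
allow_plex = Rule("VLAN200 to Plex", NET200, PLEX, frozenset({("tcp", 32400)}), "accept")
BAD_ORDER = [block, allow_dns, allow_plex]    # broad block on top hides both allows
GOOD_ORDER = [allow_dns, allow_plex, block]   # specific allows first, block last
```

Running `shadowed()` over an exported rule list before reordering it is a quick way to spot allow rules that will never be reached.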