Do I need to invert pfsense firewall rules for vlan?

A

Artem Enin2018-06-21 20:37:12

Computer networks

Artem Enin, 2018-06-21 20:37:12

Good day friends. The thought is spinning, but I can't catch it. Now I am compiling my own TOR. There are three vlana: USERS, PRINTERS and NAS (subnets are not important here). In the firewall rules for printers, roughly speaking, I specify PASS - Source: USERS and DESTANATION: PRINTERS .. and as I understand it, you also need to create the opposite rule (pass - source: printers and destanation: printers), or pfsense, when setting the first rule , initiates a reverse (reciprocal) permission to pass traffic?
A similar question in terms of the 3rd Vlan - NAS (a single network storage with a WEB interface), the same situation with respect to USERS vlan?
And, to complete the picture, will knowledgeable people tell me the ports that can be limited to working with printers and NAS?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitry, 2018-06-21
@Tabletko

If on the other hand, the connection is also initiated, then it is necessary. Otherwise, the rule is written only for the interface from which the connection is initiated