hi all,

im really struggling on how to create lan to lan firewall rules, so i want lan 1 subnet to talk to an ip address on lan 2

i attach a screenshot on what i have done but its not working as when i putty into the lan 2 ip address from a lan 1 subnet machine it doesnt work

https://s8.postimg.cc/qorf88opx/firewall_filter.png

really sorry for the stupid question

cheers,

rob

In "Service Type", it looks like you are locking down the source port - you need to leave that open, only specify the destination port.
i.e.
Source port = 1 ~ 65535
Destination port = 22 ~ 22

The connection can come from any port on the client machine, but is going to the service listening on a particular port on the server.

Thanks

Also do i need to tick the tick box for inter vlan routing

I dont want to do this as port 2 or lan 2 is a DMZ and i dont want to allow ANY to ANY port really

Yes, you would need that box ticked.

You would need another firewall rule to block all traffic between those vlans, with the port 22 rule alowing just the traffic you wish to let through.

sorted it,

i checked in LAN > General the "inter vlan routing" but this made all my LANS talk to eachother which i dont want

i then went into Firewall > Filter Setup to set up block rules so the two LANS cant talk to eachtoher and above the block rule i created a rule to allow LAN 1 subnet to talk to LAN 2 IP host on 22

all is good

thanks guys for all your help, much appreciated

rob