

We want systems on the LAN and OPT1 networks to be able to go anywhere and do anything they like. Systems on the OPT2 network should only be able to see other systems within the lab networks.

The firewall blocks all traffic by default. To enable traffic the way we want it, configure the following rules:

  • Firewall > Rules > LAN
    • Allow LAN to any:
      • Accept all default values except the following.
      • TCP/IP Version: IPv4+IPv6
      • Source: LAN Net
      • Description: Allow LAN to any.
  • Firewall > Rules > OPT1
    • Allow OPT1 to any:
      • Same as for LAN, except:
      • Source: OPT1 Net
      • Description: Allow OPT1 to any.
  • Firewall > Rules > OPT2
    • Allow OPT2 to LAN:
      • Accept all default values except the following.
      • TCP/IP Version: IPv4+IPv6
      • Source: OPT2 Net
      • Destination: LAN Net
      • Description: Allow OPT2 to LAN net.
    • Allow OPT2 to OPT1:
      • Same as OPT2 to LAN, except:
      • Destination: OPT1 Net
      • Description: Allow OPT2 to OPT1 net.
    • Allow OPT2 to OPT2:
      • Same as above, except:
      • Destination: OPT2 Net
      • Description: Allow OPT2 to OPT2 net.

Be sure to apply all changes. All systems on the network should be able to communicate with each other now, and all but the OPT2 network should have WAN access. Go ahead and power down the system and make a snapshot called “Firewall Configured.”
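The expected result can be checked against a small model of the rule set. This is an added example, not part of the original walkthrough: the subnet addresses and the WAN test address are constructed, it covers IPv4 only, and it assumes rules are matched against traffic entering each interface, with anything unmatched blocked by default.

```python
import ipaddress

# Constructed lab subnets (assumptions; substitute your own addressing).
NETS = {
    "LAN":  ipaddress.ip_network("10.0.1.0/24"),
    "OPT1": ipaddress.ip_network("10.0.2.0/24"),
    "OPT2": ipaddress.ip_network("10.0.3.0/24"),
}
ANY = ipaddress.ip_network("0.0.0.0/0")

# Pass rules keyed by the interface the traffic enters on:
# (source, destination, description), using the descriptions from the steps above.
RULES = {
    "LAN":  [(NETS["LAN"], ANY, "Allow LAN to any.")],
    "OPT1": [(NETS["OPT1"], ANY, "Allow OPT1 to any.")],
    "OPT2": [
        (NETS["OPT2"], NETS["LAN"],  "Allow OPT2 to LAN net."),
        (NETS["OPT2"], NETS["OPT1"], "Allow OPT2 to OPT1 net."),
        (NETS["OPT2"], NETS["OPT2"], "Allow OPT2 to OPT2 net."),
    ],
}

def evaluate(iface, src, dst):
    """Return the description of the first matching pass rule, or None (default block)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule_src, rule_dst, desc in RULES.get(iface, []):
        if src in rule_src and dst in rule_dst:
            return desc
    return None

def policy_matrix(wan_host="203.0.113.10"):
    """Test one host per lab network against every destination, plus a WAN address."""
    hosts = {name: str(net.network_address + 10) for name, net in NETS.items()}
    targets = dict(hosts, WAN=wan_host)
    return {
        (s, d): evaluate(s, hosts[s], targets[d]) is not None
        for s in hosts for d in targets
    }

if __name__ == "__main__":
    for (s, d), allowed in policy_matrix().items():
        print(f"{s:>4} -> {d:<4} {'pass' if allowed else 'block'}")
```

Because every rule pins its Source to the interface's own network, a packet arriving on OPT2 with a LAN source address matches nothing and falls through to the default block.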

