Rules question from a Firewalla noob

Follow

Patrick Plummer

• March 22, 2023 17:47

I want confirmation that I am setting my rules up correctly more than anything really.

I want a specific IP address to have access to one device on my LAN so it can upload and download files via sftp, but not have access to any other devices on my LAN. I have just gotten a smart switch that I will be setting VLANs up on in the future, but haven't got that figured out quite yet :) . But I need to get this connection up and running in the short term using rules alone for now.

I know that allow rules take precedence over block rules, so I have set this up like so:

Rule 1: Allow - matching: <IP address from outside> - on: <device on my LAN> - bidirectional - always

Rule 2: Block - matching: <IP address from outside> - on: Network LAN1 - always

Is this correct? Constructive criticism welcomed!

TIA. Pat

0

• 

  Firewalla

  • March 22, 2023 20:16

  Take a quick look at this https://help.firewalla.com/hc/en-us/articles/1500009502622-Create-Port-Forwarding-on-Gold-Purple

  Here you can port forward (I assume this is what you are doing) and then limit the IP accessing the port forward on the same rule.

  0

  Comment actions Permalink
• 

  Patrick Plummer

  • March 22, 2023 22:45

  I have forwarded the port already, but want to make sure that this flow will not have access to any other devices in my LAN. Do I not need any other rules to ensure this?

  0

  Comment actions Permalink

Please sign in to leave a comment.