How to allow one port from guest network to lan?

Hi.

I am trying to setup the firewall to allow access from the guest Wifi to a lan smb server.

I have setup a guest Wifi. Everything works fine. There is one Traffic Rule "Deny Guest to Lan" which denies all traffic from guest to lan. I tried to create another Traffic Rule which allows port 445 to lan, and ordering it before and after the deny rule but this also doesnt seem to work. I also tried setting up a port forward but the "Deny Guest to Lan" just blocks everything.
Whats is the "proper" way to do this?

Thanks.

Is the SMB server's firewall configured to allow connections from the guest network?

Please, post your current firewall config file here.

if i disable the block rule everything smb works fine.

i'm not really confortable with posting my entire config here but here are the 2 rules:

firewall.@zone[3]=zone
firewall.@zone[3].name='guest'
firewall.@zone[3].input='ACCEPT'
firewall.@zone[3].forward='ACCEPT'
firewall.@zone[3].network='tm wan'
firewall.@zone[3].output='ACCEPT'
firewall.@forwarding[5]=forwarding
firewall.@forwarding[5].dest='wan'
firewall.@forwarding[5].src='guest'
firewall.@rule[13]=rule
firewall.@rule[13].dest='lan'
firewall.@rule[13].src='guest'
firewall.@rule[13].name='block guest to lan'
firewall.@rule[13].target='DROP'
firewall.@rule[14]=rule
firewall.@rule[14].src_port='445'
firewall.@rule[14].src='guest'
firewall.@rule[14].name='allow guest smb to lan'
firewall.@rule[14].dest='lan'
firewall.@rule[14].dest_ip='192.168.178.200'
firewall.@rule[14].target='ACCEPT'
firewall.@rule[14].dest_port='445'

Remove that.

Move this rule down, or just remove it.

OMG!. Thanks! It works! Makes sense now

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.