Isolate VPN connection to specific interface (iot)

Looks like you are confusing the zone-to-zone traffic forwarding and intra-zone forward policy.
You can remove the IoT-to-WAN forwarding, but allow the IoT intra-zone forward.

1 Like

Oh, wouldn't removing the wan forward cause the devices on the IOT zone to not get internet? I want them to still be able to get online and receive updates (notably because I have a raspberry pi running a backup server on it and that needs to be able to get an internet connection). I specifically made the iot zone so those devices don't sit directly with the others (e.g. a computer or cell phone) in case they become compromised, so the compromised device doesn't end up harming the computers on the other zones (granted, the devices on the iot zone will unfortunately get infected too, but it's better than having the entire network compromised).

I eventually figured it out! I made a separate vpn zone and had that forward to iot and wan, with the forward chain set to accept, and got it all working.

1 Like
