I have some firewall rules that are blocking some of my networks from communicating or seeing one another. This is working fine. I am trying to allow some traffic through and am wondering the best way to accomplish this. I have UAPs that dropped off the remote server when I put the rules in place. Also, I had a DVR on one network that I could not hit from my main network.
add action=drop chain=input comment="Guests don't reach other routers" \
    dst-address=!192.168.20.1 src-address-list="Guest Network"
add action=drop chain=input comment="School don't reach other routers" \
    dst-address=!192.168.30.1 src-address-list="School Network"
add action=drop chain=forward comment=\
    "Stop Guest Network Access to Staff Network" dst-address-list=\
    "Staff Network" src-address-list="Guest Network"
add action=drop chain=forward comment=\
    "Stop School Network Access to Staff Network" dst-address-list=\
    "Staff Network" src-address-list="School Network"
The DVR is in the school, but I would like the main office network 192.168.10.1 to be able to view it. Also, the UAPs connected in the school and guest networks cannot get to the off-premise UniFi server.
I am not sure what the best rules are to allow the traffic to pass.
Thanks in advance for any help.
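
An added example, not part of the original post: one way to let the office view the DVR without opening the School network's access to Staff, by accepting reply traffic ahead of the forward drop rules shown above. It assumes the "Staff Network" address list contains the main office subnet, the "School Network" list contains the DVR's subnet, and no established/related accept rule already sits above the drops.

```routeros
/ip firewall filter
# Constructed example. Assumes "Staff Network" holds the main office subnet
# and "School Network" holds the subnet the DVR is on.
#
# The forward drop "Stop School Network Access to Staff Network" also matches
# the DVR's reply packets (src = School, dst = Staff). Accepting
# established/related traffic ahead of the drops lets replies to sessions the
# office opened pass, while new connections from the School or Guest networks
# towards Staff are still dropped by the existing rules.
add action=accept chain=forward \
    comment="Allow replies to existing connections" \
    connection-state=established,related \
    place-before=[find where comment="Stop Guest Network Access to Staff Network"]
# Confirm the order: the accept must be listed above both forward drop rules.
print where chain=forward
```

The two forward drops only match traffic whose destination is in "Staff Network", and the two input drops only match traffic addressed to the router itself, so those are the places to look when checking what the UAPs are sending that gets dropped.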