I sat down at began setting up my new 20X, and I seem to have an issue with Inter-VLANs not being blocked via firewall entries.
I have a lot of VLANs and need granular restrictions…
20X WIFI AP is set for VLAN5. Laptop gets DCHP assigned address correctly for that VLAN. All VLANs have inter-routing enabled.
At first when I tried to ping other VLANs from my laptop, it didn’t work. I double checked my firewall entry and it looked fine with 10.5.1.0 (VLAN5) allowed to communicate to ANY IP. I then disabled all rules to eliminate all potential issues. Suddenly, I could ping all VLANS and the untagged net from VLAN5.
I went back and re-enabled some firewall rules, but I still was pinging all VLANS. I then explicitly put a rule in to DENY any ICMP from VLAN5 to ANY. I am still pinging away. The logs show no firewall activity ever. I have uBlock disabled.
Where am I going wrong?
Thanks!!
Here’s a screenshot (second octet is VLAN#):
