I just set up a new device with 3 interfaces:
External - [static IP]
Internal - 192.168.1.0/24
DMZ - 192.168.2.0/24
Straight from the wiki is a description of what I want to accomplish:
If you're looking for a guest WiFi network walled off from your private network, the easiest way is to plug the wireless AP into its own interface and configure the Untangle to hand out DHCP on that interface. You can then use the Firewall to wall off that interface from connecting to your private network.
Wireless AP is plugged into the DMZ and DHCP is working properly. Internet is working correctly on both Internal and DMZ network segments.
So far so good, but I also want to separate the two networks as described in the wiki. I have added and enabled the firewall rules shown in the attachments to attempt to block traffic between Internal and DMZ. The default action of the firewall is pass and there are no other firewall rules. However, I can ping between the interfaces and even RDP to a server from the DMZ - not a desired action. Nothing shows in the firewall logs as blocked or passed. Is there a setting somewhere that is bypassing my rules or do my rules need to be modified?
I am sure this is very simple but the "duh" moment has not hit me yet. Maybe one of you kind souls can show me the error of my ways.