Hey @Shad0w / @DarklightRanger
I fully appreciate the need to start configuring firewall rules, and how to manage that on a per-VLAN basis.
We've made some changes, so I thought I would shoot you guys a note here on the community.
- We've moved VLAN creation to the Networks tab, and dubbed them wired networks
- When creating or modifying a wired network, there is a toggle for secure
- A secure network has L3 firewall rules automatically created to deny all inter-VLAN traffic on the LAN, just allowing outbound (not inbound) connections only for the devices on that network. The idea here was to prevent a guest network user or some evil actor on the LAN from seeing a point-of-sale network, but still let these secure networks build VPN tunnels or otherwise secure outbound connections.
I'd love your feedback on this feature! As we continue to feel out the UI for firewall rules and how to manipulate them, we'll all start to see more granular controls come into play (for instance, controlling which VLANs can talk to each other, and a toggle for internet access to be disabled if required).