Hello!
We have a Netgate and need to restrict traffic outbound on the WAN connections to specific ports, so a default deny outbound rule, and allowing specific ports outbound, such as TCP 443, 80, and a few others.
We have multiple LAN interfaces/networks, which still require communication between them, but we specifically need to restrict any traffic outbound to the internet. I'm wondering what the best way is to achieve this as simply as possible.
I tried creating a floating rule, selecting the WAN interfaces, and selecting a specific internal IP as the source (for testing), with "any" as the destination, but the device was still able to reach internet hosts. I wasn't even able to see any traffic logged even though the rule is configured to do so.
What am I missing?