XG - limiting traffic from one VLAN to another

Question

My setup has 2 VLANs - Main and IoT, using Sophos XG as DHCP and gateway. I'm able to allow traffic between the 2 VLANs by adding a firewall rule of 
 LAN Any host Any service to LAN Any host Any service. 
 What I'm trying to do is to only allow traffic initiated from Main -> IoT VLAN but not the other way round. I tried 
 LAN #Port1.77 Any service to LAN #Port1.44 Any service. (VLAN 77 is Main and 44 is IoT) 
 but this won't work. No traffic is allow to flow. 
 Is what I'm trying to accomplish possible with XG?

rfcat_vk · Accepted Answer

Change your #LANport to the network Id of the LAN, you will create this in Hosts and services - IP host based on the full IP address range of the interface. The #LANPort is only one address as your will see when you look at Hosts and services - IP host. 
 Ian

XG - limiting traffic from one VLAN to another

Top Replies