So I got everything set up.
I have 1.5Gb speeds and I would get well over 1000Mbps on my desktop, now I get ~400. The wifi I am using a netgear RAX200 in AP mode. WiFi 6 devices are getting around ~70Mbps.
My Unraid server. 
I am really bummed. What can I do/check to find out the issue?
The Red nic is [
The Green and Blue is QNAP AC QXG-2G2T-I225 Dual port 2.5GbE
ok, i think i got my wired speeds back by changing the MTU to 1452 I believe it was. I will have to try Blue also.
Got wifi speeds working somehow.
Just need to figure out how to access my AP on blue from green. I have done this firewall rule
Just get empty_response in chrome when trying to get to the AP admin. But I can access Plex from blue which is on green. But I can’t access sonarr/radarr on Unraid which is on green.
UPDATE: I just added this FW policy and it seems to work from blue now. But I need to know if all the other settings I showed above should stay or go?
Should not need green to blue.
I have a rule for blue to a Jellyfin server using service groups
you don’t need either of those rules.
take a look at this:
Yes, I have looked at a fair amount of the wiki. Fact is, until I enable this rule, I cannot access Plex, well my whole Unraid server actually, from blue.
Check the PINHOLE setup fro Blue to Green on the wiki…
I struggled a bit with this to but got it to work (totally my own head not getting things) , you can also see my extensive trial and error thread about it here… not exactly what you are asking about, but similar.
I have done the pinhole.
I tried following that post of yours and came up with this. But when I try to get to green I am getting DROP_FORWARD and I still can’t reach my ap on 192.168.0.2
OK, just figured some of it out and was starring right in my face. ALl those apps on Unraid all run on different ports so I had to add them as custom services.
To summarize the discussion thus far: no special rules are needed for the green network to access either the blue network or the IPFire Web User Interface (WUI). In the context of the blue network, you also don’t need a specific rule to access the WUI. However, a rule is required to grant the blue network partial or full access to the green network. This is referred to as a “pinhole” rule in the IPFire wiki.
It appears that you’ve already created such a pinhole rule, specifically for the machine in the green network with the IP address 10.0.0.35, as outlined in post 6.
As a best practice, you should consider removing any existing rules that use the green network as a source. Additionally, the rule allowing the entire blue network to access the entire green network, shown in post 3, should also be removed. More restricted rules like the one in post 6 should instead be used, following the principle that the pinhole should not be bigger than necessary.
In short, maintain only the essential pinhole rule and remove all other related rules for optimal configuration. Do not forget to click Apply changes when modifying the firewall in the WUI.
The source ports are dynamic, set them to “any”.
