our set up is : internet <—> pfsense <—> Lan including freepbx .
at pfsense we limit addresses and ports that have access to freepbx. also remote phones use openvpn at pfsense
at freepbx eth0 has the IP 10.1.4.17
at settings > firewall > networks 10.0.0.0/8 is set to trusted
at settings > firewall > interfaces eth0 is set as “local (Local trusted traffic)”
My question is: should eth0 be changed to “Internet (Default Firewall)” ? I think that is needed in case we screw up the firewall setting or something sometime.