Netgate Discussion Forum

    Bogons and CGNAT

      Dipsomaniac

      Our university has recently implemented CGNAT for wireless and we have a firewall issue now. We have our departmental firewall set to block bogon networks, so far so good. Uni wifi is using 100.64.0.0/13 for their CGNAT and the bogon 100.64.0.0/10 rule is blocking all wifi traffic in through our firewall, which on the face of it is great because we don't need everyone on the wifi getting into our network.

      But us IT guys need to be able to connect to our management VPN from wifi sometimes, and we would also prefer to otherwise block bogon traffic into our network segment. We tried a floating rule to allow VPN traffic from 100.64.0.0/13 through but it's not working at all.

      So, is there a way to let the wifi traffic on 100.64.0.0/13 through according to our rules while blocking all the other stuff?
