Network Question
-
Hello,
I have been playing around with pfSense for the past week now, ever since I switched over from my ISP router; it's now in bridge mode.
I have been setting up firewall rules. The first thing I wanted to do, again this is me just playing around, I wanted to block the pfSense web GUI on all devices but the PC in the server room. The rule works great, had to tick the box in advanced settings, disable anti-lockout rule, for it to work.
So then I thought, why not block all other devices but the PC in server to access the UniFi controller. So I went ahead and set up a rule “Pass” to the PC in server room and port, then created a rule to block all other devices to that IP and port. But it does not work.
My friend told me it's not going to work as the routing is bypassing the firewall. So my question is: how do I get pfSense to use that rule for a machine to block another device, a Raspberry Pi hosting the UniFi controller, so that machine can't land at the GUI?
Both devices are on the LAN, the rule is on the router under LAN. Should I put the rule in WAN and see if that works? Is there a way for a rule or setting somewhere for rules to head out but noticed it's internal and loop back, hence passing through the firewall?
Any advice would be great.
-
On a LAN, a computer talks directly to others on the same LAN. Otherwise you would have to have ALL of your LAN traffic pass through pfSense, effectively making the total speed of your entire LAN the speed of one pfSense port.
To do what you want, place the computers you want to protect on a different LAN. This will cause the computers to talk to their default gateway (pfSense) to talk to the protected PCs. Then pfSense will see the traffic and apply your rules.
Buy your friend a nice gift.
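
The routing decision the answer describes, as an added example that is not part of the original thread: it shows why a rule for the pfSense GUI takes effect while a rule between two hosts on the same LAN never sees a packet. All addresses, host names and the second subnet are constructed for illustration.

```python
import ipaddress

# Constructed pfSense interface addresses (one per LAN segment).
FIREWALL_IPS = {"192.168.1.1", "192.168.20.1"}

def next_hop(src_iface: str, gateway: str, dst: str) -> str:
    """Host routing decision: an on-link destination is reached directly
    through the switch; anything else is handed to the default gateway."""
    network = ipaddress.ip_interface(src_iface).network
    return dst if ipaddress.ip_address(dst) in network else gateway

def firewall_sees(src_iface: str, gateway: str, dst: str) -> bool:
    """True when the packet is delivered to a pfSense interface, either
    because pfSense is the destination or because it is the next hop."""
    return next_hop(src_iface, gateway, dst) in FIREWALL_IPS

def report(layout: dict, dst: str) -> dict:
    """Map each sender to whether a pfSense rule can act on its traffic to dst."""
    return {name: firewall_sees(iface, gw, dst)
            for name, (iface, gw) in layout.items()}

# Constructed sample senders: name -> (address/prefix, default gateway).
SENDERS = {
    "server_pc": ("192.168.1.10/24", "192.168.1.1"),
    "laptop": ("192.168.1.50/24", "192.168.1.1"),
}

if __name__ == "__main__":
    # Destination is pfSense itself: the GUI rule is evaluated.
    print("pfSense GUI:             ", report(SENDERS, "192.168.1.1"))
    # Controller on the same subnet: traffic never reaches pfSense.
    print("UniFi Pi on same LAN:    ", report(SENDERS, "192.168.1.20"))
    # Controller moved to its own subnet: traffic is routed via pfSense.
    print("UniFi Pi on separate LAN:", report(SENDERS, "192.168.20.20"))
```
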