Pass a Mac address through the firewall?
-
Is it possible to let a specific Mac address pass through the firewall?
I have several lan networks on my 4 port router,
10.27.27.x Lan network and pfSense router
10.29.29.x IOT networkIf I connect to the 10.29.29.x network, I cannot log in to pfSense as it is on 10.27.27.1. It's because 10.29.29.x can't reach 10.27.27.x and that's how it should be. Although it would be good if you could set it up so that my laptop could access pfSense on 10.27.27.1 when it is connected to the 10.29.29.x network.
Now I need to connect a LAN cable between the laptop and the 10.27.27.x port on the router for it to work.
-
@andreas-1 No you can’t.
You could set a dhcp reservation for the MAC address and just allow that.
-
@andreas-1 you understand that web gui is available on all IPs of pfsense.
So unless you created a specific rule to block access to pfsense IP on 10.29.29.1 you could use that IP to access the gui,
Or the wan IP as well.
What are your rules on the IOT network?
But as @NogBadTheBad mentions normally what you do is setup a dhcp reservation so that your laptop always gets the same IP when its on your IOT network - now you can create rules on the iot interface to allow this IP to go where you want it to go.
-
A,ha. I can login to pfSense on 10.29.29.1. It was an easy fix :)
Thanks for the quick help!
-
@andreas-1 said in Pass a Mac address through the firewall?:
Is it possible to let a specific Mac address pass through the firewall?
No. MAC addresses are valid only on the local LAN and are never passed through a router. In fact, the entire Ethernet frame is discarded when received by the router and the IP packet is encapsulated in a new frame, with a new MAC, on the other side of the router.
