Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    block access from certain countries or IPs

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 3 Posters 320 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • frogF
      frog
      last edited by

      Is it possible to block certain countries from connecting to the openvpn server on PFSense+
      If so, how please.
      thx

      Chris

      johnpozJ 1 Reply Last reply Reply Quote 0
      • AndyRHA
        AndyRH
        last edited by

        pfBlocker will do what you need. There are plenty of documents on how to do it.
        Mostly you install pfBlocker and chose the block lists that meet your needs.
        Expect a few hours of learning that is well worth the time.

        o||||o
        7100-1u

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @frog
          last edited by

          @frog yeah you can create aliases with pfblocker and then only allow what is in the alias to connect. I would go more for allow vs block, because normally this is a much smaller list vs trying to block the planet.

          But if you just want to block a couple of countries and allow the rest then sure block vs allow.

          For example - I currently allow only the US and a few specific IP ranges that might not be US to access any of my services I expose. But if you wanted to allow everyone other than say mexico ;) then that list would be smaller and would be better to block vs allow.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.