Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBlockerNG WAN Inbound Rule

    Scheduled Pinned Locked Moved
    pfBlockerNG
    2
    3
    48
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      durwinius
      last edited by

      How can I limit some of my WAN inbound rules to the US only? I have a range of public IP addresses configured into the Firewall for different inbound services.

      I also have multiple VLANs / Subnets it seems like PfBlockerNG is operating at the global system-wide level.

      I am trying to be as granular as possible for example:

      Client VLAN A services can only be inbounded by CA IP / Outbound to selected countries
      Client VLAN B services can only be inbounded by US IP / Outbound to selected countries

      Thank you,

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @durwinius
        last edited by

        @durwinius

        Example :

        I have a VPN access activate, and want it to limit to IPs from France only :

        First, read the Maximind GeoIP conditions. You have to create an account:
        On the Firewall > pfBlockerNG > IP page :

        25fe6fd0-9e21-482c-a0ec-4de8dff58a39-image.png

        Then :

        ffa07f6f-ddb2-42bf-acbc-a3dc8e8bde68-image.png

        Here ;

        2f2b1b99-40d7-4a30-8bf3-74ce380c8c71-image.png

        I select the countries :

        333c56ab-b374-4acf-a23e-a1e81f59aba0-image.png

        and some more details :

        f6f9af17-c0de-4256-95cd-b6ca359cbd9b-image.png

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        D 1 Reply Last reply Reply Quote 0
        • D
          durwinius @Gertjan
          last edited by

          @Gertjan

          I do have the MAXMind ID set up. How do I apply the same settings to inbound access rules, such as VOIP, and IIS,?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post