• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Block Devices from Accessing My Network

Scheduled Pinned Locked Moved General pfSense Questions
7 Posts 3 Posters 720 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    H20FRKS
    last edited by Mar 19, 2018, 6:47 PM

    Hello all this is my first post and apologize if this is not the correct location for this topic or if it has been answered already. During my searching I have not been able to find any posts around this topic.
    I am looking to see if psSense can resolve my issue and replace my current network.

    Currently I am using a Netgear Nighthawk R700 router and this router allows me to use a feature called "Access Control" which allows me to block all connected devices on my network and I will need to manually go into the config and approve the device (by MAC address) to be allowed on LAN or Wifi. This is great feature to add for security, however it drastically drops the performance of the through put of the router.
    I am using a fiber connection with 1gig up/down. When connecting directly to the PON (passive optical network) I can get speeds of 940Mbps down to 970Mbps Upload when connecting to through the Netgear router without Access Control I get 600Mbps Down and 700+Mbps Upload. With Access Control on it drops to 200Mbps Down and 230Mbps Upload.

    1- Does pfSense have this type of feature to control devices on the network?
    2- If I built a pfSense box would it resolve my through put issue while restricting access?

    I hope someone can help provide some details to see what direction I need to go to resolve my issue

    Thanks in advance,

    H20FRKS

    1 Reply Last reply Reply Quote 0
    • J
      JKnott
      last edited by Mar 19, 2018, 6:57 PM

      PfSense can't filter on MAC addresses, but there is a work around.  You can map IP addresses to MAC addresses and only allow those IP addresses through.  You can also allow only specified MAC addresses to get an IP address.  Since these methods are done with the DHCP server, they will have no effect on performance.

      PfSense running on Qotom mini PC
      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
      UniFi AC-Lite access point

      I haven't lost my mind. It's around here...somewhere...

      1 Reply Last reply Reply Quote 0
      • S
        SammyWoo
        last edited by Mar 19, 2018, 7:19 PM

        Consumer boxes like the Netgear tend to have (not upgradable) weak cpu but friendlier management. Pfsense is a more generic solution with lots of possibilities but requires more expertise on your part on management and configuration, but just throw a better cpu at it if current hardware ain't cutting.

        1 Reply Last reply Reply Quote 0
        • H
          H20FRKS
          last edited by Mar 19, 2018, 8:09 PM

          @JKnott:

          PfSense can't filter on MAC addresses, but there is a work around.  You can map IP addresses to MAC addresses and only allow those IP addresses through.  You can also allow only specified MAC addresses to get an IP address.  Since these methods are done with the DHCP server, they will have no effect on performance.

          Thank you JKnott for your quick response. If I leverage the "Deny Unknown Clients" feature on the DHCP within PpfSense. Do you know if the unknown client mac address would be recorded somewhere in a log?

          1 Reply Last reply Reply Quote 0
          • H
            H20FRKS
            last edited by Mar 19, 2018, 8:10 PM

            @SammyWoo:

            Consumer boxes like the Netgear tend to have (not upgradable) weak cpu but friendlier management. Pfsense is a more generic solution with lots of possibilities but requires more expertise on your part on management and configuration, but just throw a better cpu at it if current hardware ain't cutting.

            SammyWoo, are you saying building a pfSense server with better hardware will not resolve the through put issue I have?

            1 Reply Last reply Reply Quote 0
            • S
              SammyWoo
              last edited by Mar 19, 2018, 9:20 PM

              @H20FRKS:

              SammyWoo, are you saying building a pfSense server with better hardware will not resolve the through put issue I have?

              Just the opposite.

              1 Reply Last reply Reply Quote 0
              • H
                H20FRKS
                last edited by Mar 19, 2018, 9:34 PM

                @SammyWoo:

                @H20FRKS:

                SammyWoo, are you saying building a pfSense server with better hardware will not resolve the through put issue I have?

                Just the opposite.

                Great thanks! I will continue my efforts to understand pfSense better and work on building a server.

                1 Reply Last reply Reply Quote 0
                1 out of 7
                • First post
                  1/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                  This community forum collects and processes your personal information.
                  consent.not_received