• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

NIC interface "zones"?

Scheduled Pinned Locked Moved Firewalling
9 Posts 3 Posters 3.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • K
    kobos
    last edited by Jan 2, 2007, 11:41 AM

    Hi all

    I'm looking into a Linux firewall OS and I need to have the "zones" feature which is in IPcop and Smoothwall, but they don't work fully with my hardware.

    I need to have 6 zones each with their own rules relating to each other. (each zone would have their own NIC)
    Red -> Internet
    Blue -> Wifi only access to red
    Yellow -> semi-trusted staff limited access to orange
    Orange -> SQL Server and backups (limited access to internet) with secondary firewall
    Green -> Admin
    Purple -> NAS and Printers

    So is that config possible with PFsense?

    regards

    stefan

    1 Reply Last reply Reply Quote 0
    • H
      hoba
      last edited by Jan 2, 2007, 11:51 AM

      If you really want a Linux firewall pfSense is not suitable for you. It runs freebsd  :P

      Besides that pfSense can handle any amount of interfaces (that your hardware can handle, I have heard from people using it with 12 interfaces already). It also doesn't have this unflexible classification for interfaces (like, green, red, orange, blue,…). You can setup any interface with custom rules.

      So the answer (besides the Linux thing) is: Yes, pfSense can do all that.

      1 Reply Last reply Reply Quote 0
      • Y
        yoda715
        last edited by Jan 2, 2007, 12:28 PM

        Yes, Pfsense can do all that in a much simpler way :)

        1 Reply Last reply Reply Quote 0
        • K
          kobos
          last edited by Jan 2, 2007, 1:51 PM Jan 2, 2007, 1:39 PM

          linux = not freebsd = verbally slap myself… :)

          how do i create rules for this / is there a tut?

          1 Reply Last reply Reply Quote 0
          • H
            hoba
            last edited by Jan 2, 2007, 2:27 PM

            First set up and assign all interfaces (wither from the shell or from the webgui interfaces menu). Then add required firewallrules under firewall>rules. Each interface will appear as seperate tab. Firewallrules are always applied for incoming traffic and rules are applied top down. First match wins. At the bottom there is always an invisible "block anything" rule, so anything not explicitly allowed will be blocked. If you need seperate DHCP-Servers for each interface you can set them up at services>dhcp server (you'll find a tab for each interface there). I think the rest should be pretty clear once you start editing firewallrules.

            1 Reply Last reply Reply Quote 0
            • K
              kobos
              last edited by Jan 2, 2007, 3:27 PM

              yar, clarity!

              I'll be using this then!

              1 Reply Last reply Reply Quote 0
              • Y
                yoda715
                last edited by Jan 3, 2007, 8:39 PM

                @kobos:

                yar, clarity!

                I'll be using this then!

                Awesome! Spread the word to your IP-Cop and Smoothwall friends  ;D

                1 Reply Last reply Reply Quote 0
                • K
                  kobos
                  last edited by Jan 13, 2007, 7:23 PM

                  ok i've installed PFsense on an old box works fine with just a LAN and a WAN interface. I want to now add another LAN interface for an AP.
                  But when i assign the interface on the webgui the new interface configuration is for a WAN interface. How do i change that so it runs a DHCP server on it and acts like a LAN interface?

                  1 Reply Last reply Reply Quote 0
                  • H
                    hoba
                    last edited by Jan 13, 2007, 8:34 PM

                    Create firewallrules at firewall>rules, new_interface_tab. You can setup DHCP server for this interface at services>dhcp server, new_interface_tab.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      This community forum collects and processes your personal information.
                      consent.not_received