Clients can not access internet
-
Hello,
this is probably something very simple but I can not find a solution even after couple of hours…
I just installed pfsens on ALIX. Everything seems to be ok.
Problem is that I want clients to access only internet from their browsers (for beginning)
I thought that it should work when I setup LAN rule like that:
Source: Lan net
Protocol: TCP
Port: any
Destination: any
D. port: 80but it does not work. Clients can access internet only with this rule:
Source: Lan net
Protocol: any
Port: any
Destination: any
D. port: anyOR with Easy rule that I created from log
Source: 192.168.1.37 (client IP address)
Protocol: TCP
Port: any
Destination: 92.122.253.55 (some web page)
Port: 80I attach a picture, you can see there some other rules as I am playing with setup.
Thank you in advance for any help.
-
The rules are processed top down (as is explained in the documentation if you take the time to read it ;) ). As such this means the default pass all rule wins each time until you disable it.
-
If you're only permitting TCP 80, you're blocking DNS (TCP/UDP 53), which means nothing will work.
-
@cmb:
If you're only permitting TCP 80, you're blocking DNS (TCP/UDP 53), which means nothing will work.
Thank you very much! This is a direction that helps me, there will be probably more to setup because I tried to allow DNS on LAN intf., and some pages are not working but I believe that I will do it.
-
It works now, really only 2 ports needs to be allowed, 80 and 53. I do not know why it did not work before, maybe some cache (?)