Allow traffic by time - possible ?
-
Here is our issue.
We have a hostel next door to our company and are willing to share our ethernet internet connection (we have an unmetered connection)with them when we are not using it after work hours.
What i was thinking, and I really don;t know if its possible - was to provide a wifi access point for them and then lock this down so it only 'works' or passes traffic between certain hours.
Is this possible ?
-
For security you will want them on a separate LAN+subnet. If you have a spare actual NIC then connect them to that, otherwise use VLANs. Then they can't mess with your office LAN, or pretend to be anything they are not.
Firewall-Schedules will let you specify sets of times. Then you can make rules that allow or block access at those times as needed. If you are feeling nice, you can even put them into a limiter during office hours so they get some dribble of bandwidth. -
Hi Phil
Thanks for the reply, the box we use for pfsense does have a spare nic (we previously used 2 WANS), how would i set this up as another LAN ?
thanks
-
Interfaces-Assign, click the "+". You will get an interface called OPT1 and can pick the FreeBSD device name to associate it with (mostly it "guesses" the next device it finds and that is what you want).
Then Interfaces-OPT1 and setup IP address… then add firewall rules to allow what traffic you want. -
great thanks!
I think i was just getting confused with having 2 LAN's.
cheers