Floating rules not working
-
I have a setup of about 5 VLANs: Admin, Guest, Work, User and Mobile. I have created an alias called pfsenseguiaccess with the gateway hosts of each VLAN, e.g. 10.0.0.1, 10.0.2.1, 10.0.3.1, 10.0.4.1 and 10.0.5.1. I then created a floating rule to block access from the 5 networks to pfsenseguiaccess on https(443).
However, it doesn't appear to be working as I would assume it would. For example, if I connect to the Guest network I am able to get to the gui access page via the browser for any of the networks.
What am I not doing correctly?
Thanks in advance
-
So let's see this rule you set up. Did you set it up inbound or outbound? You selected all the interfaces in the floating rule?
Keep in mind, if a state is already created, it does not matter if you create a block rule; until that state is cleared, the block will not work.
-
It looks like the issue is the proxy. Those rules have a higher precedence than the firewall rules. I just blocked the gateways under the acl settings.
-
It's not that they have a higher precedence; it's that you're connecting to the proxy, not the remote server.
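The point made in the last reply, modelled as an added example that is not part of the thread: the floating rule matches on the packet's destination, and a browser using the proxy sends its packets to the proxy listener, so only a proxy-side ACL sees the GUI address. The /24 prefixes, the Guest client 10.0.2.50, the proxy listener 10.0.2.1:3128 and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Alias members come from the thread; prefixes, proxy listener and port are assumed.
GUI_ALIAS = {ip_address(a) for a in
             ("10.0.0.1", "10.0.2.1", "10.0.3.1", "10.0.4.1", "10.0.5.1")}
VLANS = [ip_network(n) for n in
         ("10.0.0.0/24", "10.0.2.0/24", "10.0.3.0/24", "10.0.4.0/24", "10.0.5.0/24")]
PROXY_LISTEN, PROXY_PORT = "10.0.2.1", 3128


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


def floating_block_matches(pkt: Packet) -> bool:
    """The thread's floating rule: block the five networks to the alias on 443."""
    from_vlan = any(ip_address(pkt.src) in net for net in VLANS)
    return from_vlan and ip_address(pkt.dst) in GUI_ALIAS and pkt.dport == 443


def proxy_acl_denies(requested_host: str) -> bool:
    """Proxy-side check on the destination named inside the client's request."""
    return ip_address(requested_host) in GUI_ALIAS


def reach_gui(client: str, target: str, via_proxy: bool, proxy_acl: bool) -> str:
    if not via_proxy:
        pkt = Packet(client, target, 443)
        return "blocked by firewall" if floating_block_matches(pkt) else "allowed"
    # Through the proxy, the packet the filter sees is addressed to the proxy
    # listener and port, so the alias:443 rule never matches it.
    pkt = Packet(client, PROXY_LISTEN, PROXY_PORT)
    if floating_block_matches(pkt):
        return "blocked by firewall"
    if proxy_acl and proxy_acl_denies(target):
        return "blocked by proxy ACL"
    return "allowed"


if __name__ == "__main__":
    for via_proxy, acl in ((False, False), (True, False), (True, True)):
        print(via_proxy, acl, reach_gui("10.0.2.50", "10.0.0.1", via_proxy, acl))
```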