Need to block all websites but one. What am I doing wrong?
-
Firewall Aliases IP
Name TEST
Type Host(s)
IP or FQDN logmein.com

Firewall rules for LAN
PASS IPV4* Source* Port* Destination TEST (Aliases) Port* Gateway*
REJECT IPV4* Source* Port* Destination* Port* Gateway*
PASS IPV4* Source LAN net Port* Destination* Port* Gateway*

I'm still unable to connect to logmein.com
-
Two points:
First, you also have to allow access to the DNS, even if your DNS is pfSense itself.
The other point is that logmein.com is redirected to secure.logmein.com, and this website loads items from logmeincdn.azureedge.net and a.company-target.com. So you also have to add these to the alias to get the whole page loaded.
-
What would a DNS rule look like?
-
If pfSense does DNS for your LAN:
PASS IPv4 TCP/UDP Source* Port* Destination LAN address Port 53 Gateway*
-
Firewall rules for LAN
PASS IPV4* Source* Port* Destination TEST (Aliases) Port* Gateway*
PASS IPv4 TCP/UDP Source* Port* Destination LAN address Port 53 Gateway*
REJECT IPV4* Source* Port* Destination* Port* Gateway*
PASS IPV4* Source LAN net Port* Destination* Port* Gateway*

Is this correct?
-
IP or FQDN logmein.com
Don't use domains, use IP addresses or netblocks. When pfSense resolves a domain in an alias, it will cache it for something like 5-10 minutes before it resolves again. Large sites will have many IP addresses assigned to their domain, so by using the domain name you're only going to see the currently-returned address, and this will cause problems with your firewall rules not firing when you expect them to.
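
The rule order posted above and the alias caveat in the last reply, modelled as an added example that is not part of the original thread: a minimal first-match evaluator (pfSense applies an interface's rules top-down and the first match wins). All addresses are constructed documentation-range values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: documentation-range addresses, not real LogMeIn IPs.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
LAN_ADDRESS = ipaddress.ip_address("192.168.1.1")    # assumed pfSense LAN IP (DNS)
ALIAS_TEST = {ipaddress.ip_address("203.0.113.10")}  # address the alias last cached

# LAN rules in the order posted in the thread; None stands for "*" (any).
# Fields: (action, protocols, source, destination, destination port)
RULES = [
    ("pass",   None,           None,    ALIAS_TEST,    None),
    ("pass",   {"tcp", "udp"}, None,    {LAN_ADDRESS}, 53),
    ("reject", None,           None,    None,          None),
    ("pass",   None,           LAN_NET, None,          None),
]

def _matches(spec, value):
    """A None field matches anything; otherwise test membership."""
    return spec is None or value in spec

def evaluate(src, dst, proto, port, rules=RULES):
    """Return (rule index, action) of the first matching rule, top-down."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, protos, r_src, r_dst, r_port) in enumerate(rules):
        if (_matches(protos, proto) and _matches(r_src, src)
                and _matches(r_dst, dst) and r_port in (None, port)):
            return i, action
    return None, "block"  # nothing matched: default deny

def shadowed_rules(rules=RULES):
    """Indices of rules placed after an any/any rule, which can never match."""
    for i, (_, *fields) in enumerate(rules):
        if all(f is None for f in fields):
            return list(range(i + 1, len(rules)))
    return []

if __name__ == "__main__":
    client = "192.168.1.50"  # constructed LAN host
    print(evaluate(client, "203.0.113.10", "tcp", 443))  # cached alias address
    print(evaluate(client, "192.168.1.1", "udp", 53))    # DNS query to pfSense
    print(evaluate(client, "203.0.113.77", "tcp", 443))  # same site, uncached IP
    print(shadowed_rules())
```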