Netgate Discussion Forum

    GeoBlock Whitelisting by LAN IP

      EWBtCiaST

      The geo blocking rules are in the floating section of the firewall. I did add a floating rule to the top of the floating section with the source as the LAN IP I need unblocked. But that was still being blocked even though it was above the geo blocking rules. Is there any other way to do it?

        RonpfS

        Did you select Quick [ x ] Apply the action immediately on match?

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

          EWBtCiaST

          Yes I did. But I don't think I selected “inverted.” Would that make a difference?

            RonpfS

            @EWBtCiaST:

            > Yes I did. But I don't think I selected “inverted.” Would that make a difference?

            If you created a FW rule to allow the LAN device, then you have to select Quick and no invert for Source.

            For your GeoIP block alias table, there you could just create an FW Alias IP for the LAN device, then select Custom source, Invert, that should block inbound LAN except the LAN device.

              EWBtCiaST

              Attached is the floating rule I have at the top of the list. When I add this rule, the traffic is still blocked, but the blocked alert changes my interface from the LAN to Opt1.

              Rules.jpg

                RonpfS

                What did you select for Interface for that rule? Should be applied on LAN if the device resides on that network.

                  EWBtCiaST

                  The only interface selected is the LAN.

                    RonpfS

                    What is the interface / direction of the alerts?

                    The FW rule will allow the lan ip to initiate Outbound traffic and associated return traffic.
                    It will still block incoming connections not initiated by the lan IP.

                      EWBtCiaST

                      I'm trying to visit a website from that .15 device on my LAN. PFBlocker is geoblocking it even though the rule is above the geo rules in the floating section.

                        RonpfS

                        Beats me. You applied the changes to the FW Rules?
                        Enable logging on the rule and see what's happening in Firewall logs.
                        Also check the LAN rules.

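The log check suggested in the last reply, sketched as an added example that is not part of the original thread: it groups firewall log entries for one LAN host by interface, direction and rule tracking ID, so you can see which rule on which interface is doing the blocking. The sample lines are constructed in pfSense's filterlog CSV layout; the interface names (`em1`, `em2`), tracking IDs and all addresses, including `192.168.1.15` for the ".15" device, are assumptions.

```python
from collections import Counter

# Constructed sample in pfSense's filterlog CSV layout (IPv4/TCP). Interface
# names, tracking IDs and all addresses are made up; 192.168.1.15 stands in
# for the ".15" LAN device.
SAMPLE_LOG = """\
Jan  5 10:15:01 fw filterlog[411]: 4,,,1000000101,em1,match,pass,in,4,0x0,,64,101,0,DF,6,tcp,60,192.168.1.15,203.0.113.10,51514,443,0,S,111,,64240,,mss
Jan  5 10:15:01 fw filterlog[411]: 9,,,1770000001,em2,match,block,out,4,0x0,,63,101,0,DF,6,tcp,60,192.168.1.15,203.0.113.10,51514,443,0,S,111,,64240,,mss
Jan  5 10:15:02 fw filterlog[411]: 9,,,1770000001,em2,match,block,out,4,0x0,,63,102,0,DF,6,tcp,60,192.168.1.15,203.0.113.10,51515,443,0,S,222,,64240,,mss
Jan  5 10:15:03 fw filterlog[411]: 9,,,1770000002,em1,match,block,in,4,0x0,,64,103,0,DF,6,tcp,60,192.168.1.20,198.51.100.7,40000,443,0,S,333,,64240,,mss
Jan  5 10:15:04 fw php-fpm[900]: /index.php: Successful login
"""


def parse_filterlog(line):
    """Parse one IPv4 filterlog line into a dict; return None for anything else."""
    start = line.find("filterlog")
    colon = line.find(": ", start)
    if start < 0 or colon < 0:
        return None
    f = line[colon + 2:].strip().split(",")
    if len(f) < 20 or f[8] != "4":  # only the IPv4 layout is handled here
        return None
    return {"tracker": f[3], "iface": f[4], "action": f[6],
            "direction": f[7], "proto": f[16], "src": f[18], "dst": f[19]}


def hits(log_text, host, action="block"):
    """Count entries involving `host`, grouped by (interface, direction, tracker)."""
    counts = Counter()
    for line in log_text.splitlines():
        e = parse_filterlog(line)
        if e and e["action"] == action and host in (e["src"], e["dst"]):
            counts[(e["iface"], e["direction"], e["tracker"])] += 1
    return sorted((i, d, t, n) for (i, d, t), n in counts.items())


if __name__ == "__main__":
    for action in ("pass", "block"):
        for iface, direction, tracker, n in hits(SAMPLE_LOG, "192.168.1.15", action):
            print(f"{action:5} {iface} {direction:3} tracker={tracker} x{n}")
```

The tracking ID in each group is the value to match against the rule list; a pass on one interface followed by a block on another means the allow rule is matching but does not cover the interface where the block fires.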