Floating rules not working



  • I have a setup of about 5 VLANs: Admin, Guest, Work, User and Mobile. I have created an alias called pfsenseguiaccess with the gateway hosts of each VLAN, e.g. 10.0.0.1, 10.0.2.1, 10.0.3.1, 10.0.4.1 and 10.0.5.1. I then created a floating rule to block access from the 5 networks to pfsenseguiaccess on HTTPS (443).

    However, it doesn't appear to be working as I would assume it would. For example, if I connect to the Guest network, I am able to get to the GUI access page via the browser for any of the networks.

    What am I not doing correctly?

    Thanks in advance


  • LAYER 8 Global Moderator

    So let's see this rule you set up. Did you set it up inbound or outbound? You selected all the interfaces in the floating rule?

    Keep in mind, if a state is already created, it does not matter if you create a block rule; until that state is cleared, the block will not work.



  • It looks like the issue is the proxy. Those rules have a higher precedence than the firewall rules. I just blocked the gateways under the ACL settings.



  • It's not that they have a higher precedence; it's that you're connecting to the proxy, not the remote server.

