Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Rule with port alias not working

    Firewalling
    4
    6
    1173
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      BemBile last edited by

      Hi,

      I'm setting up firewall rules on a new Pfsense installation (2.3.4), and I'm having problems with a rule that uses a port alias to block out the ports to the management interface on my firewall.

      I'v set up my firewall rules and the port alias exactly like it's done in this guide: https://doc.pfsense.org/index.php/Restrict_access_to_management_interface
      but my rule won't trigger.

      If I make 3 separate rules each blocking one of the ports, instead of using the port alias, the management interface gets blocked. The rule is on top of the list, and I have no floating rules.

      I can't find anything on this so I figure that I must be doing something wrong, and it's driving me nuts.
      Thanks for your help! ;)




      1 Reply Last reply Reply Quote 0
      • bahsig
        bahsig last edited by

        i want to revive this post, as i'm experiencing the same issue on 2.3.4 p1.

        i have different port aliases to use for tcp and udp. tcp ports work fine with the alias whereas udp ports alias don't.

        any ideas?

        1 Reply Last reply Reply Quote 0
        • B
          BemBile last edited by

          Hi bahsig,

          I never found a solution myself, and I got no input here here as you can see.
          It's good to know that I'm not the only one who has this problem.

          Regards, B.

          1 Reply Last reply Reply Quote 0
          • P
            PlatinumBlack last edited by

            Has anyone found a solution to this yet as im experiencing the same issue?

            1 Reply Last reply Reply Quote 0
            • B
              Birke last edited by

              one error of the op might be the wrong port for https in the alias: its not 433, its 443.
              not sure if that could be your problem too. can you post your alias and the rule?

              1 Reply Last reply Reply Quote 0
              • P
                PlatinumBlack last edited by

                @Birke:

                one error of the op might be the wrong port for https in the alias: its not 433, its 443.
                not sure if that could be your problem too. can you post your alias and the rule?

                Essentially what i am trying to do is stop access to he admin login page on all vlans bar the management vlan, I was able to resolve this issue though :)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense Plus
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy