Block an IP-range from communicating with another IP-range

Microscopium

Hello

I've been searching around how to block a range of IP's to communicate with another, like stated.

For example:
192.168.101.1 - 192.168.101.20 cannot communicate with 192.168.101.21 - 192.168.101.40.
When 192.168.101.15 pings to 192.168.101.24 he shouldn't get a reply back.

Should I be using VLANs or can this be done with the GUI via Rules on the Lan side?

Thanks in advance

NogBadTheBad

@Microscopium:

Hello

I've been searching around how to block a range of IP's to communicate with another, like stated.

For example:
192.168.101.1 - 192.168.101.20 cannot communicate with 192.168.101.21 - 192.168.101.40.
When 192.168.101.15 pings to 192.168.101.24 he shouldn't get a reply back.

Should I be using VLANs or can this be done with the GUI via Rules on the Lan side?

Thanks in advance

you'd need vlans / multiple firewall interfaces & switches, firewall rules don't block communication between devices on the same subnet.

johnpoz

If you do not want an IP in the same network as another IP talking to each other.

If you don't want 192.168.101.20 to talk to 192.168.101.21 then put a firewall on .21 and block .20

Or run private vlans on your switches.  Or as mention break out these devices to different vlans and firewall at pfsense.  As mentioned already by NogBadTheBad pfsense has nothing to do with devices on the same network taking to each other.