Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Controlling Guest Access with PFSense

    General pfSense Questions
    3
    3
    475
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NitrobeastN
      Nitrobeast
      last edited by

      Just a question is it possible to prevent clients from talking to each other that are on the same subnet with PFSense. I would like to keep devices from talking to one another except maybe a printer and still allow internet access?

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Devices on the same subnet can talk to each other on the local switch for the subnet. pfSense does not even see the traffic, so has no chance to filter it.

        For this kind of thing you need to make a separate "guest" subnet on a separate interface (either another physical interface on your pfSense hardware, or using VLANs and have a VLAN switch etc)

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Or something like wireless client isolation and Private VLANs…

          You are looking for layer 2 isolation. pfSense is a layer 3 firewall.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.