How to block local hostname under wrokgroup



  • How do i block local hostname

    for example:

    OS is windows 7 computer name is windows101 this pc is belong to workgroup only and it has shared folder everyone can access it if they type this command \windows101 in other computer

    under pfsense i setup 3 lan card one is for WAN 2nd is for 192.168.1.0 and the 3rd is for 10.0.10.0

    by default all are block in 2nd LAN and 3rd LAN

    hostname windows101 is under of 2nd LAN and the IP is 192.168.1.10 in firewall rules all is blocked

    hostname windows102 is under of 3rd LAN and the IP is 10.0.10.10 in firewall rules all is blocked

    here is what i noticed, im expected to denied access to windows101 for the shared folder

    i type this in my windows explorer \windows101 then hit enter it pop up the shared folder

    but if type the IP address \192.168.1.10 denied access

    sorry for my bad english

    thanks



  • Which network are you on when you are doing your test?  If you are on 2nd LAN with windows101 then those clients talk directly to each other.  pfSense can't block that.



  • What I make of it :

    Device :

    hostname windows101 is under of 2nd LAN and the IP is 192.168.1.10 in firewall rules all is blocked

    Device :

    hostname windows102 is under of 3rd LAN and the IP is 10.0.10.10 in firewall rules all is blocked

    Thus : windows101 and windows102 are not on the same network segment.

    Both : LAN interfaces :  both have "all is blocked" rule.

    Question :

    i type this in my windows explorer \windows101

    What is my computer : windows101 or windows102 ?

    Did you check the consistency of the host-names ? Names versus IP's are ok ?



  • Which network are you on when you are doing your test?  If you are on 2nd LAN with windows101 then those clients talk directly to each other.  pfSense can't block that.

    Yes you are correct KOM if same subnet it cannot block even firewall rules is set to blocked all

    I tested different subnet windows101 under of 2nd LAN so I used windows102 under of 3rd LAN which IP is 10.0.10.10 in windows explorer i used this command \windows101 to access immediately the shared folder under of windows101 but suddenly appeared the username and password but if i used IP \192.168.1.10 it is access denied.



  • Did you check the consistency of the host-names ? Names versus IP's are ok ?

    Yes the hostnames is correct windows101 and IP is also correct because i managed our network using pfsense all computers i always get the MAC Address to assigned permanent IP Address because i used Automatic DHCP.



  • What is my computer : windows101 or windows102 ?

    My computer i used is windows102 and the IP assigned is 10.0.10.10 under 3rd lan Card to access the windows101 and the IP is 192.168.1.10



  • From Windows102 do a "ping windows101" and report which IP is returned.
    If the IP is indeed 192.168.1.10 then either reboot pfSense or reset states. After that it should be gone.



  • Let me clear my sample hostname and IP Address
    this is the actual happening in our network

    Pfsense LAN Interfaces and Setup
    LAN1: WAN ISP IP
    LAN2: 192.168.50.1 - 192.168.50.254
    LAN3: 10.200.0.1 - 10.200.7.254

    OS: windows 7 pro
    Hostname: pc50
    IP address: 192.168.50.150 is belong to LAN2 Subnet

    OS: Windows 7 pro
    Hostname: win58
    IP Address: 10.200.7.158 is belong to SUBNET of LAN3

    here is my problem
    from win58 using this command \pc50 or \PC50 in windows explorer username and password prompted See Attached file pc502.png
    but using IP Address to access the shared folder to pc50 is Windows Cannot Access \192.168.50.150 see attached file 150.png

    see attached win58.png for more info








  • from win58 ping



  • LAYER 8 Netgate

    Something is responding same-subnet (local network, not through the firewall) as host pc50 on IPv6. When you connect to \pc50 you are connecting to whatever that is and are not going through the firewall.



  • Something is responding same-subnet (local network, not through the firewall) as host pc50 on IPv6. When you connect to \pc50 you are connecting to whatever that is and are not going through the firewall.

    but the IPv6 is not enabled in pfsense how does IPv6 can ping to our network while firewall rules is Denied for IPv4* and  IPv6*




  • so if thats the case how am i going to prevent that is the pFsense has capable to block the subnet?

    any suggestions…

    thanks


  • LAYER 8 Netgate

    You have something hosed up at layer 2 or something else set to respond to that name.

    Firewall can't help you there.



  • You have something hosed up at layer 2 or something else set to respond to that name.

    For now my temporarily solution is to pointed into wrong IP Addres like 127.0.0.1 to the hostname of pc50 thru modifying of hosts file from windows system.

    But soon he will discover that and i dont want to argue with him. Can you please explain more details about hosed up at layer 2 well for me if possible one server to manage this kind of problem not one by one do modifying of hosts file.

    Thanks


  • LAYER 8 Netgate

    That IPv6 address starting with fe80 is on interface "11" as far as windows is concerned. That is a link-local address. The firewall is not involved in communication with that address at all. This is not a pfSense problem. Check your local network.



  • Hi

    I dont know what would i check on our local network no idea where to start, the only i know he did something in windows services and windows firewall is disabled but still no idea i tried other windows system i disabled the firewall and access the hostname like \win45 i get access denied even in IP address and reboot many times.

    thanks



  • This is not a pfSense problem. Check your local network.

    What i do first is to review and check all connection cable from Switch HUb device and review one by one  unplugged and plugged it. then finally found the problem :)

    so the problem is from the LAN1 LAN2 and LAN3 connected to same Switch HUB1,2 and 3 device so i removed LAN1 and connect to HUB1 Only and LAN2 to HUB2 Only same to LAN3 to HUB3

    so HUB1, HUB2 and HUB3 are not connected to each other anymore then i tried LAN2 to access the shared folder from PC50 were the subnet is from LAN1 which is 192.168.1.10 whoaalllaaaa i get access denied

    Thank you soooo much for giving me a time to understand and i learned so much guys


Log in to reply