Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Rule: dhcp ip-Range -> internet only access

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 250 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nikonier
      last edited by

      Hi,
      I want to define a rule that the users from the dhcp ip range can access only the internet (wan), no access to the internal net. I've created an alias dhcp_users which includes the dhcp-iprange (10.0.10.230-.254) but didn't know how to create the deny rule. Or WAN only rule.
      Maybe someone can give me some hints or links.

      Regards,
      Jürgen

      1 Reply Last reply Reply Quote 0
      • NogBadTheBadN
        NogBadTheBad
        last edited by NogBadTheBad

        Deny rule on the LAN interface

        0_1542540189554_Screenshot 2018-11-18 at 11.22.25.png

        h_ip_local contains my local subnets, just add the alias for your subnet range and replace my TEST net with your DHCP alias.

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        1 Reply Last reply Reply Quote 1
        • N
          nikonier
          last edited by

          Hi,
          thanks for the quick answer and it works.
          0_1542542990704_f6c68171-1d1b-4768-b107-018cfec5ca52-grafik.png

          regards,
          Jürgen

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.