Rule to allow :80,:443 to Amazon Servers
-
Howdy,
Amazon Echo devices & Google Home IoT devices frequently initiate outbound connections to their base sites (Amazon & Google). I have a list of Amazon Cloudfare server IPs that these outbound connections are initiated to. I use this server list to allow all outbound connections to :80 & :443; however, the IP addresses of these Amazon & Google servers change frequently due to intermediary load balancers and such. How do I add a rule that would allow the entire block of Amazon & Google servers that these IoT devices connect to?
-
Use pfBlockerNG to create an alias using Amazon's ASN number.
-
@NogBadTheBad thanks, but I'm not sure how to create an alias under pfBlockerNG. I normally create aliases from the Firewall->Aliases menu.
-
Install it and have a play; it's not hard to do.
Also check out the pfSense videos; @BBcan177 goes over setting up pfBlockerNG.
https://www.netgate.com/resources/videos/pfblockerng-on-pfsense.html