    Netgate Discussion Forum
    Apply a firewall rule for user

    Firewalling
    captive portal firewall rules
    • mohkhalifa
      mohkhalifa last edited by

      Dear All,
      why there isn't an option to apply a spastic rule for 1 user or group of users in the source? I'm facing a problem: after applying the Captive Portal, it blocked all the traffic for my LAN network, and the Captive Portal also overrides the firewall rules.
      My scenario is that I want to allow some users in my LAN to access the internet with QoS or a bandwidth limit. On the other hand, the Captive Portal can limit the bandwidth, but it will do so for all the LAN devices.
      Kindly, I need some recommendations.

      • stephenw10
        stephenw10 Netgate Administrator @mohkhalifa last edited by

        @mohkhalifa said in Apply a firewall rule for user:

        why there isn't an option to apply a spastic rule for 1 user

        A specific rule?

        You just need to limit some users on LAN but leave other users unrestricted?
        You can do that using Limiters as long as you can define a firewall rule to match them. That probably means you need to use static IPs or DHCP leases.

        Steve

        • mohkhalifa
          mohkhalifa @stephenw10 last edited by

          @stephenw10 Also, the VPN cannot access my LAN network. So my solution until now, after applying the Captive Portal, is to bypass the unauthenticated by adding some IP addresses and to create a separate firewall for them. Is it the right way?

          • stephenw10
            stephenw10 Netgate Administrator last edited by stephenw10

            Do you need the captive portal or are you just using it to get bandwidth limiting? You can just use the Limiters it uses directly without having to bother with the captive portal at all.

            • mohkhalifa
              mohkhalifa @stephenw10 last edited by

              @stephenw10 I need CP, and the problem is that if CP is enabled, all the firewall rules are not working, which means the CP overrides the fw rules!

              • stephenw10
                stephenw10 Netgate Administrator last edited by

                The captive portal works at layer 2, so yes, it will always block traffic that has not been allowed no matter what the layer 3 firewall rules show.

                If you need clients to not have to use the portal, add them to the pass lists in the captive portal setup.

                Steve

                • mohkhalifa
                  mohkhalifa @stephenw10 last edited by

                  @stephenw10 The captive portal is on my LAN network, which means I will add many IPs and subnets, and I must configure rules for them all in the firewall. Is that right?

                  • stephenw10
                    stephenw10 Netgate Administrator last edited by stephenw10

                    If you want them to pass the CP without logging in, they need to be added to the pass lists there.
                    They will then be subjected to firewall rules on LAN like all the traffic.

                    Steve

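A simplified model of the ordering described in the replies above, added here as an example (it is not pfSense code and not part of the thread): the portal decides first, and only admitted clients reach the LAN firewall rules, where a matching rule can also carry a limiter. The class and function names, the top-down first-match evaluation, and all addresses, MACs and limiter values are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Rule:
    action: str                          # "pass" or "block"
    source: str                          # CIDR the rule matches on
    limiter_kbps: Optional[int] = None   # bandwidth cap attached to a pass rule

@dataclass
class Portal:
    pass_macs: set = field(default_factory=set)   # MAC pass list (constructed)
    pass_ips: set = field(default_factory=set)    # IP pass list (constructed)
    logged_in: set = field(default_factory=set)   # IPs with an active portal session

    def admits(self, mac: str, ip: str) -> bool:
        return mac in self.pass_macs or ip in self.pass_ips or ip in self.logged_in

def evaluate(portal: Portal, rules: list, mac: str, ip: str):
    """Return (verdict, limiter_kbps) for one LAN client."""
    # Stage 1: portal check. On a miss the firewall rules are never consulted,
    # so a pass rule cannot rescue an unauthenticated client.
    if not portal.admits(mac, ip):
        return ("blocked-by-portal", None)
    # Stage 2: LAN rules, top-down, first match wins, default deny (model assumption).
    addr = ipaddress.ip_address(ip)
    for rule in rules:
        if addr in ipaddress.ip_network(rule.source):
            if rule.action == "pass":
                return ("passed", rule.limiter_kbps)
            return ("blocked-by-rule", None)
    return ("blocked-by-rule", None)

# Constructed sample data, not taken from the thread.
PORTAL = Portal(pass_macs={"00:11:22:33:44:55"},
                pass_ips={"192.168.1.60"},
                logged_in={"192.168.1.70"})
RULES = [
    Rule("block", "192.168.1.60/32"),                   # pass-listed host, still filtered
    Rule("pass", "192.168.1.50/32", limiter_kbps=2048), # limited user, matched by static IP
    Rule("pass", "192.168.1.0/24"),                     # everyone else, unrestricted
]
```

The 192.168.1.50 rule only takes effect once that client is admitted by the portal, which is why the limiter approach depends on a stable address for the rule to match.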
                    • mohkhalifa
                      mohkhalifa last edited by

                      Thanks dear for your kind reply :)

                      © 2021 Rubicon Communications, LLC | Privacy Policy