pfBlockerNG-devel IPv4 whitelist

  • Hello all!

    Hope somebody can help me.. I would like to whitelist some IPv4 addresses in pfBlockerNG. How can I do this?

  • Forgot something important:
    my problem is: i cant acces any kind of service/host (like openvpn, pfsense webgui) when im using my mobile phone. When im using vpn service (cloudflare), or using wifi, i can acces my services. I think my mobile public ip is blocked when im on mobile data. So i would like to whitelist my mobile public ip, to reach the firewall/openvpn, etc.

  • Sounds like to need a WAN firewall rule since you're connecting from an IP (mobile public IP) that's not from your LAN.

  • @havastamas said in pfBlockerNG-devel IPv4 whitelist:

    So i would like to whitelist my mobile public ip

    That IP address will never stay the same.

    There is only one possibility : set up and activate OpenVPN server on pfSense.
    ( create CA and cert, create a user, set up OpenVPN server, export the user for VPN-client usage - install a VPN client App on your phone, import the settings and go )

    Now you will be able to admin pfSense - and any other device on your LAN(s) network(s) from your Phone, wherever you are on the world. It's the secure way without hassles, exceptions. It just plain works.
    This is the way we all work to access remote devices, firewalls, and other stuff fro anywhere.

    @havastamas said in pfBlockerNG-devel IPv4 whitelist:

    whitelist some IPv4 addresses in pfBlockerNG. How can I do this?

    Go here :


    and go down to


    Read :


    I advise you have a look at official Netgate :: pfBlockerNG-devel video (Youtube Netgate channel) , you find answers to question that you still have to figure out (your questions will pop up an go away at the same moment ^^)

  • Here's the video that Gertjan mentioned:

    However, if you want to administer your box, I am not sure adding the mobile public IP to whitelist will accomplish what you're seeking without special WAN firewall rule. You could use SSH as per here:
    However, you won't have the WebGUI. So, as Gertjan suggested and recommended, VPN is the best option especially since you already installed OpenVPN.

Log in to reply