Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfblockerNG with MultiWAN

    pfBlockerNG
    2
    3
    712
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shaharyar
      last edited by shaharyar

      Does anyone have experience in setting up PfBlockerNG with MultiWAN load balanced setup?
      I have read a lot of articles and blogs and so far the system is set up but is behaving inconsistently.
      For example, it's blocking some sites from the list but not all, which is strange. The Nslookup is also resolving some sites and others are blocked (getting redirected to 10.10.10.1).
      Can anyone help in this regard?

      P.S. I am using pfBlockerNG-devel (2.2.5_27)

      1 Reply Last reply Reply Quote 0
      • NollipfSenseN
        NollipfSense
        last edited by

        Sounds like it's working as intended...it's not going to block all, because by default, it has a safe list.

        pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
        pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

        1 Reply Last reply Reply Quote 0
        • S
          shaharyar
          last edited by shaharyar

          Yes, it worked finally, but not as you described. I had both ethernet and wifi turned On and one interface had direct access to the internet, therefore, was bypassing the PfBlockerNG.

          Now I ran into another problem. :)
          Everything is working fine, except that one PC is able to bypass PFBlocker. I do not know how but I checked directly and also did Nslookup but it's getting through. All the other workstations are getting blocked except one.

          This is the firewall rule screenshot
          25521629-221e-4d17-b6ee-be1d8464bb60-image.png

          Screenshot of NGAlert showing blocked site access from other PC
          ed30728e-3c6c-46d1-955d-5b63e2112f57-image.png

          Nslookup screenshot from the rouge PC
          8419eb6f-0874-4572-99a7-be567b06a391-image.png
          From the other PC it shows 10.10.10.1. So its getting blocked there

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.